Malicious Office (OLE) / .XLS — malware analysis report

Static analysis result for SHA-256 7f0728a27f3be307…

MALICIOUS

Office (OLE) / .XLS

71.0 KB Created: 2007-08-01 07:19:18 Authoring application: Microsoft Excel
MD5: 040935b83a9f0a926db72c5a6cb02e79 SHA-1: d65b78d43798d7f7a9e48ea31958562552706c08 SHA-256: 7f0728a27f3be307f65e488ca1c4782debebb45abcf7cdca49239554ddd2c008
60 Risk Score

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The file is a malicious Excel spreadsheet containing a VBA macro. The presence of an Auto_Open macro indicates that the malicious code will execute automatically upon opening the document. The macro source is 38798 bytes, suggesting complex functionality, likely to download and execute a second-stage payload.

Heuristics 2

  • Auto_Open macro high OLE_VBA_AUTO
    Auto_Open macro
  • VBA macros detected medium OLE_VBA_MACROS
    Document contains VBA macro code

Extracted artifacts 1

Files carved from inside the sample during analysis.

FilenameKindSourceSize
macros.bas
5ca8293fba3e7f8f8a9be007678a52494f0f892c6cfe282957601355412125b7		 vba-macro oletools.olevba.extract_macros (decoded VBA source) 38798 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.