Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 804660a61d576805…

MALICIOUS

Office (OLE)

Size: 45.0 KB
Created: 1601-01-01 00:00:00
Authoring application: Microsoft PowerPoint
MD5: 951bf37f21bd317e00b1e51ce4257986
SHA-1: 7d46bd1a21f3641ae1683f2e0232c01cdfa398b5
SHA-256: 804660a61d576805d0b6a1d53548f3b3d36be3cfefc877d6b69f3e57f20924a0
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1203 Exploitation for Client Execution

The sample is a PowerPoint document identified as malicious. It contains an embedded executable file (PE), indicating a likely attempt to deliver a secondary payload. The document body text is not indicative of a specific lure, but the presence of the embedded executable is a strong indicator of malicious intent.

Heuristics 1

  • Embedded PE executable (critical, OLE_EMBEDDED_EXE)
    MZ/PE header found inside document — possible embedded executable

Extracted artifacts 1

Files carved from inside the sample during analysis.

Filename | Kind | Source | Size
embedded_office_00002a66.exe (d35cd5abde5ffa2b028d8d074cf60590946189a90226f78bee2a82bb46f6054d) | embedded-pe | Office MZ+PE at offset 0x2A66 | 35226 bytes