Malicious Office (OLE) / .XLS — malware analysis report

Static analysis result for SHA-256 8719927834935244…

MALICIOUS

Office (OLE) / .XLS

19.5 KB
Created: 2010-08-17 06:18:26
Authoring application: Microsoft Excel
MD5: 8bbba27db83ebe95b18b82ef02bc28b7
SHA-1: 62c167eed624473fe810408aef4fd138f8148078
SHA-256: 8719927834935244c3fcaf7e6e231bf416effa41f09b28ceb910e47a13df76b4
Risk Score: 120

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The sample is an Excel file containing a VBA macro, specifically an Auto_Open macro, which is a common technique for executing malicious code upon opening the document. ClamAV identified this as Doc.Macro.Laroux-5893719-0. No specific download or execution URLs were found, but the presence of the Auto_Open macro strongly indicates malicious intent.

Heuristics 3

  • ClamAV: Doc.Macro.Laroux-5893719-0 [critical] [CLAMAV_DETECTION]
    ClamAV detected this file as malware: Doc.Macro.Laroux-5893719-0
  • Auto_Open macro [high] [OLE_VBA_AUTO]
    Auto_Open macro
  • VBA macros detected [medium] [OLE_VBA_MACROS]
    Document contains VBA macro code

Extracted artifacts 1

Files carved from inside the sample during analysis.

Filename | Kind | Source | Size
macros.bas (9e8ce1401c4739b83f9e6a6842670f92d64e220d4214f18d0db5f915102b51a3) | vba-macro | oletools.olevba.extract_macros (decoded VBA source) | 1176 bytes