Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 8856732c8155cf2d…

MALICIOUS

Office (OLE)

Size: 176.5 KB
First seen: 2015-09-16
MD5: 5205557c82bc225b066ec46a46493170
SHA-1: cda36d5e7545fb5b5627878eb43901b6692db164
SHA-256: 8856732c8155cf2d03f32d7a29a5b65f61de4d44b9bc5c1b47e7a50cea5a632d
Risk Score: 80

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The sample is an OLE file containing Excel 4.0 macros, as indicated by the OLE_XLM_AUTOOPEN and OLE_XLS_FORMULA_MACRO_VIRUS heuristics. The first flags an Excel 4.0 (XLM) macro sheet; the second flags legacy Excel formula macro virus markers in the workbook stream, names associated with known malicious content, suggesting the macro is designed to execute malicious commands. Together these markers strongly indicate a malicious intent to compromise the system when the file is opened.

Heuristics (2)

  • Legacy Excel formula macro virus marker critical OLE_XLS_FORMULA_MACRO_VIRUS
    Workbook stream contains self-identifying legacy Excel formula macro virus markers. This indicates the document carries formula macro virus content even when no VBA project or modern XLM macro-sheet structure is present.
  • Excel 4.0 (XLM) macro sheet present medium OLE_XLM_AUTOOPEN
    Workbook contains an Excel 4.0 macro sheet sub-stream — XLM is rarely seen in modern legitimate workbooks and was a major Office malware vector during 2020-2022.