Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 8b0ec5740eb2b00c…

Verdict: MALICIOUS
File type: Office (OLE)
Size: 507.5 KB
Created: 1996-10-14 23:33:28
Authoring application: Microsoft Excel
MD5: 3eb6a4f1d42d546add749e4234e90d79
SHA-1: 0760515823076fcad27722949c774136c5c9560e
SHA-256: 8b0ec5740eb2b00cc5bb158ceb4dadef15ebf6fd0fea8373bbc2a9316f4244d7
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059 Command and Scripting Interpreter

The critical heuristic 'OLE_XLS_FORMULA_MACRO_VIRUS' strongly suggests this Excel file contains a legacy macro virus. The presence of markers like 'Excel Formula Macro Virus', 'XF.Classic', 'Poppy by VicodinES', and 'Narkotic Network' further supports this classification. While no specific malicious script was extracted, the file's structure and the heuristic firing indicate a high likelihood of malicious formula-based macro execution.

Heuristics (1)

  • Legacy Excel formula macro virus marker (severity: critical; rule: OLE_XLS_FORMULA_MACRO_VIRUS)
    Workbook stream contains self-identifying legacy Excel formula macro virus markers. This indicates the document carries formula macro virus content even when no VBA project or modern XLM macro-sheet structure is present.