Xls.Dropper.Agent-7002626-0 — Office (OLE) malware analysis

Static analysis result for SHA-256 8f8f67b7653ce0f2…

MALICIOUS

Office (OLE)

Size: 27.0 KB
Authoring application: Microsoft Excel
First seen: 2012-06-14
MD5: f12e9070dde145d567038de4ec19d55d
SHA-1: 7ed6bd8e0a00cda9ebd93431f7b064fa6f16ff1c
SHA-256: 8f8f67b7653ce0f27e79167688d97d0ecfc2f9068eb08a6db386793673cec355
Risk Score: 60

Malware Insights

Xls.Dropper.Agent-7002626-0 · confidence 95%

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The file is identified by ClamAV as Xls.Dropper.Agent-7002626-0, indicating it is a malicious Excel dropper. The document body contains text suggesting it is a virus, and the presence of a macro (implied by the 'Office (OLE)' file type and ClamAV detection name) is the likely mechanism for delivering a second-stage payload. The authoring application being Microsoft Excel further supports the likelihood of a macro-based attack.

Heuristics 1

  • ClamAV: Xls.Dropper.Agent-7002626-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.Agent-7002626-0