Malicious Office (OLE) / .EXE — malware analysis report

Static analysis result for SHA-256 93f765d715ab2ae6…

MALICIOUS

Office (OLE) / .EXE

162.0 KB Created: 2000-01-06 14:33:21 Authoring application: Microsoft Excel
MD5: 948ac928c9d8babe7c9d2b8cbf444585 SHA-1: 6f452b8065fd17c6b77df6924d25604b86a2c882 SHA-256: 93f765d715ab2ae6dcb368e1bf26fc57888fcb2e4d25fb6e84420a74fc34b908
60 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment T1059.005 Visual Basic

The file is an Excel OLE file containing a VBA macro. A high-severity heuristic indicates the presence of an Auto_Open macro, which is commonly used to execute malicious code upon opening the document. The macro source is 3732 bytes, suggesting it contains executable logic. No specific family could be identified, but the technique is consistent with macro-based malware delivery.

Heuristics 2

  • Auto_Open macro high OLE_VBA_AUTO
    Auto_Open macro
  • VBA macros detected medium OLE_VBA_MACROS
    Document contains VBA macro code

Extracted artifacts 1

Files carved from inside the sample during analysis.

FilenameKindSourceSize
macros.bas
9eb3e05d67426c21f896f79ded68c5f24a9c07cab6d1c70062522628c2be95af		 vba-macro oletools.olevba.extract_macros (decoded VBA source) 3732 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.