Malicious Office (OLE) / .PPT — malware analysis report

Static analysis result for SHA-256 9561db4861f03acd…

MALICIOUS

Office (OLE) / .PPT

Size: 583.5 KB
Created: 2006-03-30 06:47:57
Authoring application: Microsoft PowerPoint
MD5: a65e813521014cfa4ddf464fa5a15859
SHA-1: 104351aaf4e5b057931eea036eb76d7217a721d2
SHA-256: 9561db4861f03acd34c0252ba825d9c8760b768c9dc6a5aab9c55bbbf031c4d7
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The file is identified as malicious by ClamAV with the signature Win.Trojan.Tristate-2. The document body presents itself as a sales report, a common lure for social engineering attacks. While no scripts were extracted, the document's structure and the heuristic that fired suggest it is designed to deceive the user into taking a malicious action.

Heuristics (1)

  • ClamAV: Win.Trojan.Tristate-2 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Tristate-2