Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 959c022f5c71017f…

MALICIOUS

Office (OLE)

Size: 11.0 KB
Created: 1601-01-01 00:00:00
Authoring application: Microsoft Word 6.0
First seen: 2012-06-14
MD5: 26c73af9787a2f5a7aee37c7c9ab521b
SHA-1: dfe806cc87b75eb02278a90f8ad99c384c97f508
SHA-256: 959c022f5c71017f03044cd568a7410e5b0e375273b26a2ed3fabd96c7f313cc
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

ClamAV identifies the file as malicious with the signature Win.Trojan.Buero-1. The document body contains what appears to be template-related text, suggesting a lure to trick the user into enabling macros. No scripts were extracted and the document body contains no explicit instructions, but the heuristic that fired strongly indicates malicious intent.

Heuristics 1

  • ClamAV: Win.Trojan.Buero-1 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Buero-1