Malicious Office (OOXML) — malware analysis report

Static analysis result for SHA-256 9c0eecd1ddd660e8…

MALICIOUS

Office (OOXML)

Size: 66.3 KB
Created: 2021-08-18 08:45:24 UTC
Authoring application: Microsoft Excel 15.0300
MD5: 2c678c7c1611c2d0344a0ef19ef32f1e
SHA-1: 7c306f97341c8765732cdb1af45a6d4f4e0004fd
SHA-256: 9c0eecd1ddd660e874aceb0b01da9aac8a1ca1ff24e716d922e47595fd91dc43
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1203 Exploitation for Client Execution

The file was detected by ClamAV as Xml.Exploit.DDE_Abuse-9987933-1, indicating it leverages Dynamic Data Exchange (DDE) to execute commands. This technique is commonly used to download and run malicious payloads on the victim's system.

Heuristics 1

  • ClamAV: Xml.Exploit.DDE_Abuse-9987933-1 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xml.Exploit.DDE_Abuse-9987933-1