Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 9ff60aa6bd0e643c…

MALICIOUS

Office (OLE)

Size: 40.5 KB
Created: 1980-01-05 18:38:40
Authoring application: Microsoft Excel
First seen: 2012-06-14
MD5: 7c02cae16053ceaf0ff7389d35dd7590
SHA-1: 65e66ae1228c4959f3be96bb6bf10dd337098b7d
SHA-256: 9ff60aa6bd0e643c805ddcd928c5d22c3cbcdb6d0806fa6684a2de11aa1ea9e4
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The critical heuristic OLE_XLS5_LAROUX_MACRO_VIRUS fired on this sample, which strongly suggests the presence of the Laroux macro virus within this Excel file. This family is known to spread through malicious VBA macros, often using functions like Auto_Open or OnSheetActivate to execute.

Heuristics 1

  • Excel 5 Laroux/Larou-CV macro-virus marker cluster (severity: critical, rule: OLE_XLS5_LAROUX_MACRO_VIRUS)
    Legacy Excel workbook contains a Laroux/Larou-CV macro-virus marker cluster including auto_open execution and workbook/module replication strings. This is a narrow indicator for an infected legacy Excel macro workbook.