Office (OLE) / .VXE malware analysis — malicious · a07e213b02aa5475

MALICIOUS

Office (OLE) / .VXE

363.5 KB Created: 2009-04-18 02:17:36 Authoring application: Microsoft Excel

MD5: 7827c959ecfdab4e178330e6d83c17c7 SHA-1: 09a4dfff4e9aa8fceb3295f9fcf23ee5ab194ed0 SHA-256: a07e213b02aa5475afe87974bb430793399dc349d0bac749a3b8495a60aa1ca3

60 Risk Score

Malware Insights

MITRE ATT&CK

T1059.005 Visual Basic for Applications

The file is identified as a malicious Excel document containing a legacy formula macro virus. The document body presents itself as a price list for electrical cables from a company named CÔNG TY DÂY & CÁP ĐIỆN NGỌC KHÁNH. The presence of the 'OLE_XLS_FORMULA_MACRO_VIRUS' heuristic firing, along with markers like 'Excel Formula Macro Virus', 'XF.Classic', 'Poppy by VicodinES', and 'Narkotic Network', strongly indicates the presence of a known, albeit old, macro-based threat.

Heuristics 1

Legacy Excel formula macro virus marker critical OLE_XLS_FORMULA_MACRO_VIRUS

Workbook stream contains self-identifying legacy Excel formula macro virus markers. This indicates the document carries formula macro virus content even when no VBA project or modern XLM macro-sheet structure is present.

Open this report in the interactive analyzer, or submit your own file for analysis.