Malicious Office (OOXML) — malware analysis report

Static analysis result for SHA-256 a0cc875c3b038322…

MALICIOUS

Office (OOXML)

Size: 9.5 KB
Authoring application: 14.0300
First seen: 2021-03-31
MD5: 59967651b6ed4c5467c08a3751d8bb2c
SHA-1: 11aa0ff570684026a1b2ace4aae5d101deb98460
SHA-256: a0cc875c3b0383224aa41e46725e8c99019d5869ff4b75d806268d2026730576
Risk Score: 60

Heuristics 1

  • Spreadsheet DDE link launches a dangerous command (severity: critical; heuristic ID: OOXML_SPREADSHEET_DDE_MALICIOUS)
    Excel workbook contains an externalLinks/ddeLink entry whose ddeService/ddeTopic launches a dangerous executable. This is SpreadsheetML DDE command execution, distinct from WordprocessingML DDE field instructions.