Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 a42e32daf80384aa…

MALICIOUS

Office (OLE)

File size: 27.0 KB
Created: 2017-12-22 18:13:00
Authoring application: Microsoft Office Word
First seen: 2020-04-06
MD5: a7a24fbc9459fcf976606ecf5deaaabc
SHA-1: 9789471fd36dac6e24721ebfa931a72db3e6dc60
SHA-256: a42e32daf80384aa69481bcaf4dd8edb9fa1016dc4f987def8053b2385ef6c9d
Risk Score: 62

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The file is detected by ClamAV as 'Img.Dropper.PhishingLure-6443153-0', indicating it is designed to lure users into phishing sites. The presence of an embedded URL further supports this, although the specific URL identified is benign. The document's structure and metadata are consistent with a malicious Office document.

Heuristics (2)

  • ClamAV: Img.Dropper.PhishingLure-6443153-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Img.Dropper.PhishingLure-6443153-0
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://schemas.openxmlformats.org/drawingml/2006/main In document text (OLE body)