Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 a6e7760695c4a3ed…

MALICIOUS

Office (OLE)

Size: 251.5 KB
Created: 1998-07-02 07:04:00
Authoring application: Microsoft Word for Windows 95
MD5: 072959ebc8f849813139153d1208f5b5
SHA-1: 3ff04ef7b7e64d698cec9d0adfffc9bd72c950fb
SHA-256: a6e7760695c4a3ed3130c50ea89c293cff6c61f223a1f5b9d5ab4c06b02d055a
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The file is identified as a malicious OLE file by ClamAV with the signature Win.Trojan.Tm-1. The document body contains highly obfuscated text and metadata, including references to printer drivers and internal document structures, which are common in macro-enabled malicious documents. The presence of 'AUTOOPEN' suggests a macro execution trigger. While no specific script was extracted, the overall structure and ClamAV detection strongly indicate a malware delivery attempt.

Heuristics 1

  • ClamAV: Win.Trojan.Tm-1 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Tm-1