Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 a6e96799222a1331…

MALICIOUS

Office (OOXML) / .XLSX

File size: 102.3 KB
Created: 2022-06-01 07:33:41 UTC
Authoring application: Microsoft Excel 14.0300
First seen: 2022-09-25
MD5: d0227d7497666b6a67046349916f59cd
SHA-1: 07038c8a2c8e42e92c0c75769299a384d95a817e
SHA-256: a6e96799222a133139c4426067330763acc5f8e59f05e1af8636851b0d6aac89
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1204 Malicious Link
  • T1204.002 Malicious Link: Malicious File

The file was detected by ClamAV as Xml.Exploit.DDE_Abuse-9987933-1, indicating it leverages Dynamic Data Exchange (DDE) abuse. This technique is commonly used to trick users into enabling macros or to directly execute commands upon opening the document, leading to further malicious activity.

Heuristics 1

  • ClamAV: Xml.Exploit.DDE_Abuse-9987933-1 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xml.Exploit.DDE_Abuse-9987933-1