MALICIOUS
60
Risk Score
Malware Insights
MITRE ATT&CK
T1059.005 Visual Basic
The sample is an Excel file identified as a legacy Excel formula macro virus, specifically 'Poppy by VicodinES'. The heuristic firing indicates it's designed to infect other workbooks and potentially execute malicious code. The embedded text confirms this, referencing 'Excel Formula Macro Virus (XF.Classic)' and 'Simple Payload', suggesting a downloader or dropper functionality.
Heuristics 1
-
Legacy Excel formula macro virus marker critical OLE_XLS_FORMULA_MACRO_VIRUSWorkbook stream contains self-identifying legacy Excel formula macro virus markers. This indicates the document carries formula macro virus content even when no VBA project or modern XLM macro-sheet structure is present.
Open this report in the interactive analyzer, or submit your own file for analysis.