Office (OLE) malware analysis — malicious · ac0c60dfddc40938

MALICIOUS

Office (OLE)

15.5 KB Created: 1996-09-11 13:19:00 Authoring application: Microsoft Word for Windows 95 First seen: 2015-10-13

MD5: 30e84bf950b2e2510f22fa51f0f095d0 SHA-1: 99fc78d7ba7422558de4ad8e18d524daa29f3a7c SHA-256: ac0c60dfddc40938972bf72e7abc33711c45331dfb407024be456aeb61bf60f3

80 Risk Score

Heuristics 2

ClamAV: Win.Trojan.Lamah-2 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Win.Trojan.Lamah-2
Legacy WordBasic auto-exec macro marker medium OLE_LEGACY_WORDBASIC_AUTOEXEC

OLE Word document contains a legacy WordBasic auto-execution marker such as AutoOpen, but no modern VBA project was recovered and no stronger macro-virus family marker was present. This is analyst-facing evidence for old Word macro execution surface, not a downloader or parser-CVE attribution by itself.

Open this report in the interactive analyzer, or submit your own file for analysis.