Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 aceb6cb8cdc1ed92…

MALICIOUS

Office (OLE)

161.0 KB
Created: 1997-01-20 23:02:00
Authoring application: Microsoft Word for Windows 95
MD5: ea3e0b1c48b7eae592989da19142f7de
SHA-1: 966c5e41af969dbe56eba62f13adfd0c6db0cb88
SHA-256: aceb6cb8cdc1ed92de5aab9435b52ebf63c04d5337407d5b3837b308cd66d14a
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1559.002 Component Object Model Hijacking

The file is an OLE document containing multiple embedded OLE package objects. The ClamAV heuristic 'Win.Trojan.W-283' strongly suggests malicious intent, likely related to the exploitation of embedded objects. The document body content is unrelated to the embedded objects and appears to be a lure. No scripts were extracted, and no specific IOCs like URLs or hashes were found within the provided evidence.

Heuristics (1)

  • ClamAV: Win.Trojan.W-283 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.W-283

Extracted artifacts (9)

Files carved from inside the sample during analysis.

Filename | Kind | Source | Size
ole10native_00.bin
58acece4f60f2f01b1876686382766dbeb260f19d11fd6c2fd71b164eb85500c
ole-package OLE Ole10Native stream: ObjectPool/_920878233/Ole10Native 1700 bytes
ole10native_01.bin
26ff651362c45c5cf3ac36677e2f1c018bea44e044addc72297f22196be01487
ole-package OLE Ole10Native stream: ObjectPool/_920878439/Ole10Native 1860 bytes
ole10native_02.bin
308f6465f6d148c5643a8b03840b0bf0859830e24ce1548aa4f4d9196c592fe3
ole-package OLE Ole10Native stream: ObjectPool/_920878501/Ole10Native 2596 bytes
ole10native_03.bin
dbd0546e2b7e50487db19adda5e2ebe37ff7304c3b0dc9113efb5c150354df9b
ole-package OLE Ole10Native stream: ObjectPool/_920878577/Ole10Native 5796 bytes
ole10native_04.bin
8cf011970d1b7b351247fd1be82d32f366e08785c8b669eda75fcb9f50740633
ole-package OLE Ole10Native stream: ObjectPool/_920878663/Ole10Native 6372 bytes
ole10native_05.bin
03815926a6e1af806add594f2466b6b77e1f1a14274b0cd0a1672b210664c7df
ole-package OLE Ole10Native stream: ObjectPool/_920878708/Ole10Native 1380 bytes
ole10native_06.bin
f9ba782e58bff749f8eff5873ce827e9f97e49b603be8e93aec3945c6e752bf3
ole-package OLE Ole10Native stream: ObjectPool/_920878769/Ole10Native 2724 bytes
ole10native_07.bin
f0cb0557069a6583637b2bea7c6476a526459aeabf5e1998b5b0fd9e9c16b4cb
ole-package OLE Ole10Native stream: ObjectPool/_920878838/Ole10Native 2404 bytes
ole10native_08.bin
68f9b48e705f41bddf4dbf31212595dd302535cc9f34057d0b52f19e0175ea6b
ole-package OLE Ole10Native stream: ObjectPool/_920878896/Ole10Native 3684 bytes