Malicious Office (OLE) / .PPT — malware analysis report

Static analysis result for SHA-256 afa22b9e12e574c0…

MALICIOUS

Office (OLE) / .PPT

207.8 KB Created: 1601-01-01 00:00:00 Authoring application: Microsoft PowerPoint First seen: 2012-06-14
MD5: 5ca062d18f2460319ffad723484d711c SHA-1: 55bd629786c19a9fd15fd08e21a40e624641bac8 SHA-256: afa22b9e12e574c0a31681ec76c0659e03cef5900ae412a7aa1ece9d83127899
60 Risk Score

Malware Insights

MITRE ATT&CK
T1203 Exploitation for Client Execution

The file is a PowerPoint document that triggers a critical heuristic for CVE-2006-0022, indicating exploitation of a malformed TextHeaderAtom. This vulnerability is used for client execution. No other malicious indicators or document body content were extracted.

Heuristics 1

  • CVE-2006-0022 — PowerPoint malformed TextHeaderAtom critical CVE exact CVE_2006_0022
    The PowerPoint Document stream contains a malformed TextHeaderAtom whose textType is outside the valid range. This is the OffVis-compatible structural trigger for the MS06-028 PowerPoint malformed-record vulnerability.

Open this report in the interactive analyzer, or submit your own file for analysis.