Office (OOXML) / .XLSX malware analysis — malicious · afed77ff54c0466d

MALICIOUS

Office (OOXML) / .XLSX

9.9 KB Created: 2017-06-26 11:42:29 UTC Authoring application: Microsoft Excel 15.0300 First seen: 2026-06-06

MD5: 8a7d727847bd2ae1aee758c83162bffd SHA-1: e23073e1688e8e0cbed7f49c18c328aac9e113eb SHA-256: afed77ff54c0466d6c67c331609174e59e88ecd29b613ed8145e18970b579c68

120 Risk Score

Heuristics 2

ClamAV: Xml.Exploit.DDE_Abuse-9987933-1 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xml.Exploit.DDE_Abuse-9987933-1
Spreadsheet DDE link launches a dangerous command critical OOXML_SPREADSHEET_DDE_MALICIOUS

Excel workbook contains an externalLinks/ddeLink entry whose ddeService/ddeTopic launches a dangerous executable. This is SpreadsheetML DDE command execution, distinct from WordprocessingML DDE field instructions.

Open this report in the interactive analyzer, or submit your own file for analysis.