Laroux — Office (OLE) / .EXE malware analysis

Static analysis result for SHA-256 b0b810a497f68741…

MALICIOUS

Office (OLE) / .EXE

Size: 32.5 KB
Created: 1980-01-05 11:30:37
Authoring application: Microsoft Excel
MD5: a74f6a55c1bac6802606a626f37a9e7b
SHA-1: 8100990bc9cb445b28a35a7bdd1b5ae8a21194ed
SHA-256: b0b810a497f687412a2d8ded4204e55b3084249838e1551aacb0e87052894275
Risk Score: 62

Malware Insights

Laroux · confidence 85%

MITRE ATT&CK
T1059.005 Visual Basic

The critical heuristic 'OLE_XLS5_LAROUX_MACRO_VIRUS' fired, which strongly indicates the presence of the Laroux macro virus, known for its self-replication and auto-execution capabilities within older Excel versions. The 'auto_open' and 'OnSheetActivate' markers further support this. No document body or script content could be extracted, which limits further analysis of its specific payload or delivery mechanism.

Heuristics (2)

  • Excel 5 Laroux macro-virus marker cluster (severity: critical, rule: OLE_XLS5_LAROUX_MACRO_VIRUS)
    Legacy Excel workbook contains the Laroux macro-virus marker cluster including the hidden laroux module, auto_open/check_files routines, and PERSONAL.XLS replication strings. This is a narrow indicator for an infected legacy Excel macro workbook.
  • Unsupported Office format for VBA extraction (severity: info, rule: OFFICE_FORMAT_UNSUPPORTED)
    olevba could not extract VBA macros (PermissionError); format-agnostic byte-level scans still ran. Likely legacy, encrypted, or malformed OLE/OOXML — re-scanning the same bytes will yield the same outcome.