Malicious Office (OLE) / .DOT — malware analysis report

Static analysis result for SHA-256 b14e00aaa30c42f9…

MALICIOUS

Office (OLE) / .DOT

Size: 37.0 KB
Created: 1999-07-01 10:17:00
Authoring application: Microsoft Word 8.0
MD5: 75b9bb13fbaedab7e53db4896c171056
SHA-1: 8290e9554126106cbb6bb5f9e2e338f4c0ac8fb0
SHA-256: b14e00aaa30c42f9158142512d45ed2362bddea2bf8b95d2761d7f75bad9d32d
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The sample is an Office DOT template file containing VBA macros. A high-severity heuristic indicates the presence of an AutoOpen macro, which is commonly used to automatically execute malicious code when the document is opened. No document body text was available for analysis, but the presence of the AutoOpen macro strongly suggests an intent to run arbitrary code. No specific family could be identified.

Heuristics (2)

  • [high] AutoOpen macro (OLE_VBA_AUTOOPEN)
    AutoOpen macro
  • [medium] VBA macros detected (OLE_VBA_MACROS)
    Document contains VBA macro code

Extracted artifacts (1)

Files carved from inside the sample during analysis.

  • Filename: macros.bas
    5d0b7c68ae791e0b98aa80057134f498ef80292e336ca53220549e69dd3a1d2c
    Kind: vba-macro
    Source: oletools.olevba.extract_macros (decoded VBA source)
    Size: 2937 bytes