Malicious Office (OLE) / .SEN — malware analysis report

Static analysis result for SHA-256 b35b84c16721ee79…

MALICIOUS

Office (OLE) / .SEN

82.3 KB
Created: 2006-01-25 08:30:00
Authoring application: Microsoft Office Word
MD5: c543fdebe527acfe32d3d6fb369a72ab
SHA-1: 9257b0a00ee397876efc377d710761a506637739
SHA-256: b35b84c16721ee79879e34f486e487154ae887ded22f1d68eddd595db2e77d5b
Risk Score: 100

Malware Insights

The sample is an OLE document containing embedded Excel and PowerPoint objects. Heuristics indicate XOR-encoded strings and PEB access, suggesting obfuscated malicious code. Although no specific VBA macros were extracted, the presence of embedded objects and encoding techniques points towards downloader or dropper functionality.

Heuristics (2)

  • XOR-encoded strings (key 0xFF) (severity: critical; ID: SC_XOR_ENCODED)
    Found 2 Windows library/API name(s) XOR-encoded with single-byte key 0xFF: 'LoadLibraryA', 'GetProcAddress'
  • PEB access via FS segment (x86) (severity: high; ID: SC_PEB_ACCESS)