Office (OLE) / .XLS malware analysis — malicious · b37e1cd809489a2c

MALICIOUS

Office (OLE) / .XLS

418.5 KB Created: 2009-04-18 02:17:36 Authoring application: Microsoft Excel

MD5: 44aa388f621dd86f29ac3d90648b792a SHA-1: 94ad77daa20e3ec56bfa99ba625b78ca290216dd SHA-256: b37e1cd809489a2c440559a1e6e584e62b3a6b6a1f8a91a508e866e2086a9751

60 Risk Score

Malware Insights

MITRE ATT&CK

T1059.005 Visual Basic for Applications

The file is an Excel spreadsheet containing what appears to be a price list for electrical cables. A critical heuristic firing indicates the presence of a legacy Excel formula macro virus, specifically mentioning 'Poppy by VicodinES' and 'Narkotic Network'. This suggests the file is designed to deliver a malicious payload through these legacy macro capabilities.

Heuristics 1

Legacy Excel formula macro virus marker critical OLE_XLS_FORMULA_MACRO_VIRUS

Workbook stream contains self-identifying legacy Excel formula macro virus markers. This indicates the document carries formula macro virus content even when no VBA project or modern XLM macro-sheet structure is present.

Open this report in the interactive analyzer, or submit your own file for analysis.