Malicious Office (OLE) / .RL — malware analysis report

Static analysis result for SHA-256 f2ab204255c30878…

MALICIOUS

Office (OLE) / .RL

144.8 KB Created: 2007-01-19 05:34:10 Authoring application: Microsoft Excel First seen: 2026-06-21
MD5: c574926af45f972190b008d6c8ff3d4e SHA-1: 46181cf01e08b1760cecac95bbd486dd3b808988 SHA-256: f2ab204255c3087814a638b297e248b2c2e81bd3682bdcdd52cf4baff539d1d3
160 Risk Score

Heuristics 4

  • x86 GetPC stub (CALL $+5; POP EBX) high SC_GETPC_CALL
    x86 GetPC stub (CALL $+5; POP EBX)
  • Heap-spray pattern detected high SC_HEAP_SPRAY
    Repeated 0x41 (A) bytes found
  • Reference to LoadLibrary API high SC_STR_LOADLIBRARY
    Reference to LoadLibrary API
  • Reference to GetProcAddress API high SC_STR_GETPROCADDRESS
    Reference to GetProcAddress API

Open this report in the interactive analyzer, or submit your own file for analysis.