Office (OLE) / .XLS malware analysis — malicious · b6e59767308ff008

MALICIOUS

Office (OLE) / .XLS

54.0 KB Created: 1998-06-14 16:49:53 Authoring application: Microsoft Excel

MD5: 24e0da088a20dd0296cd4b202f35ea06 SHA-1: 63c903585bf2b7328365101199ae999a0f6f8883 SHA-256: b6e59767308ff008077a0bf0e25c54f8090c0ac68ae731b54f59fbe93c2f21ca

60 Risk Score

Malware Insights

MITRE ATT&CK

T1559.001 Component Object Model Hijacking

The sample is an Excel spreadsheet containing an embedded Portable Executable (PE) file. The document body appears to be a list of names and scores, likely intended to distract from the embedded malicious content. The primary attack vector is the delivery of a secondary executable payload disguised within the spreadsheet.

Heuristics 1

Embedded PE executable critical OLE_EMBEDDED_EXE

MZ/PE header found inside document — possible embedded executable

Extracted artifacts 1

Files carved from inside the sample during analysis.

Filename	Kind	Source	Size
`embedded_office_0000866e.exe` `77c3e688c84a31c154119740612d1e38329d7ce1c9538ac4384b2079564a1d0f`	embedded-pe	Office MZ+PE at offset 0x866E	20882 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.