Malware Insights
The file is an Excel spreadsheet containing a Workbook_Open VBA macro, indicating it's designed to execute code automatically when opened. The macro source is substantial, suggesting complex functionality. While the document body contains what appears to be retail location data, it lacks any clear call to action or context for enabling macros. The primary heuristic indicates the presence of a Workbook_Open macro, which is a common technique for initiating malicious actions upon file opening. No specific IOCs like URLs or hashes were extracted, but the presence of the macro strongly suggests a malicious intent, likely to download and execute a secondary payload.
Heuristics 2
-
Workbook_Open macro high OLE_VBA_WBOPENWorkbook_Open macro
-
VBA macros detected medium OLE_VBA_MACROSDocument contains VBA macro code
Extracted artifacts 1
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
macros.bas72fe894a7e163a27b410155945350051399ca3bb131b64cfb3102108beec3a38 |
vba-macro | oletools.olevba.extract_macros (decoded VBA source) | 317531 bytes |
Open this report in the interactive analyzer, or submit your own file for analysis.