Malicious Office (OLE) / .EXE — malware analysis report

Static analysis result for SHA-256 b9378ddd4266f9f4…

MALICIOUS

Office (OLE) / .EXE

82.0 KB Created: 2002-04-22 03:37:14 Authoring application: Microsoft Excel
MD5: 7749758fe0519a30c296a9db8098edd5 SHA-1: 76f6964798dcc9c34192e54d7c0dba403c0fd7f6 SHA-256: b9378ddd4266f9f46978702ad5a0b33bc92b4458cfdb32cf9cb4e20dc5a0d168
60 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment T1059.005 Visual Basic

The file is an Office document containing a VBA Auto_Open macro, indicating it is designed to execute malicious code automatically when opened. The macro source is 2246 bytes, suggesting it contains executable logic. The specific actions of the macro could not be determined due to the lack of script content, but its presence and the Auto_Open trigger strongly suggest a malicious intent, likely for initial execution of a payload.

Heuristics 2

  • Auto_Open macro high OLE_VBA_AUTO
    Auto_Open macro
  • VBA macros detected medium OLE_VBA_MACROS
    Document contains VBA macro code

Extracted artifacts 1

Files carved from inside the sample during analysis.

FilenameKindSourceSize
macros.bas
25619e656db53dba66520b2d6ec2aba9ceb1909d5832ac3e5d12500551999086		 vba-macro oletools.olevba.extract_macros (decoded VBA source) 2246 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.