Office (OOXML) / .DOC static analysis report

Static analysis result for SHA-256 bd40c134053f289f…

SUSPICIOUS

Office (OOXML) / .DOC

230.7 KB Created: 2022-01-23 13:16:00 UTC Authoring application: Microsoft Office Word 16.0000 First seen: 2026-05-28
MD5: 2a87b50e5ded087310f1e445cdeb4da2 SHA-1: d4330071e775ab5f432e4b4b5a298dd3f3d17a2d SHA-256: bd40c134053f289f426cad93a0524089bc28cdc8864aaadc4bc29fb90141e2a9
50 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The document contains an external hyperlink to a mailto address, suggesting a social engineering attempt to solicit contact. The presence of external relationships and embedded URLs further indicates the document's structure is designed to interact with external resources or prompt user action. No scripts were extracted from this sample.

Heuristics 3

  • External relationship high OOXML_EXTERNAL_REL
    External target in word/_rels/settings.xml.rels: file:///C:\Users\robin\Documents\Basketball\Dokumente\WordmitFusszeilemitAusrüster.dotx
  • External hyperlinks (3) low OOXML_EXTERNAL_HYPERLINKS
    Document contains 3 external hyperlinks — clickable URLs are stored as external relationships. First target: mailto:sms@basket-frauenfeld.ch
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://www.basket-frauenfeld.ch/schuelermeisterschaften Document hyperlink
    • https://pay.raisenow.io/znybtDocument hyperlink
    • http://www.basket-frauenfeld.chDocument hyperlink
    • http://schemas.microsoft.com/office/word/2010/wordprocessingCanvasDocument hyperlink
    • http://schemas.microsoft.com/office/drawing/2014/chartexDocument hyperlink
    • http://schemas.microsoft.com/office/drawing/2015/9/8/chartexDocument hyperlink
    • http://schemas.microsoft.com/office/drawing/2015/10/21/chartexDocument hyperlink
    • http://schemas.microsoft.com/office/drawing/2016/5/9/chartexDocument hyperlink
    • http://schemas.microsoft.com/office/drawing/2016/5/10/chartexDocument hyperlink
    • http://schemas.microsoft.com/office/drawing/2016/5/11/chartexDocument hyperlink
    • http://schemas.microsoft.com/office/drawing/2016/5/12/chartexDocument hyperlink
    • http://schemas.microsoft.com/office/drawing/2016/5/13/chartexDocument hyperlink
    • http://schemas.microsoft.com/office/drawing/2016/5/14/chartexDocument hyperlink
    • http://schemas.openxmlformats.org/markup-compatibility/2006Document hyperlink
    • http://schemas.microsoft.com/office/drawing/2016/inkDocument hyperlink
    • http://schemas.microsoft.com/office/drawing/2017/model3dDocument hyperlink
    • http://schemas.openxmlformats.org/officeDocument/2006/relationshipsDocument hyperlink
    • http://schemas.openxmlformats.org/officeDocument/2006/mathDocument hyperlink
    • http://schemas.microsoft.com/office/word/2010/wordprocessingDrawingDocument hyperlink
    • http://schemas.openxmlformats.org/drawingml/2006/wordprocessingDrawingDocument hyperlink
    • http://schemas.openxmlformats.org/wordprocessingml/2006/mainDocument hyperlink
    • http://schemas.microsoft.com/office/word/2010/wordmlDocument hyperlink
    • http://schemas.microsoft.com/office/word/2012/wordmlDocument hyperlink
    • http://schemas.microsoft.com/office/word/2018/wordml/cexDocument hyperlink
    • http://schemas.microsoft.com/office/word/2016/wordml/cidDocument hyperlink
    • http://schemas.microsoft.com/office/word/2018/wordmlDocument hyperlink
    • http://schemas.microsoft.com/office/word/2020/wordml/sdtdatahashDocument hyperlink
    • http://schemas.microsoft.com/office/word/2015/wordml/symexDocument hyperlink
    • http://schemas.microsoft.com/office/word/2010/wordprocessingGroupDocument hyperlink
    • http://schemas.microsoft.com/office/word/2010/wordprocessingInkDocument hyperlink
    • http://schemas.microsoft.com/office/word/2006/wordmlDocument hyperlink
    • http://schemas.microsoft.com/office/word/2010/wordprocessingShapeDocument hyperlink
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#Document hyperlink
    • http://purl.org/dc/elements/1.1/Document hyperlink
    • http://ns.adobe.com/xap/1.0/Document hyperlink
    • http://ns.adobe.com/xap/1.0/mm/Document hyperlink
    • http://ns.adobe.com/xap/1.0/sType/ResourceRef#Document hyperlink
    • http://ns.adobe.com/xap/1.0/sType/ResourceEvent#Document hyperlink
    • http://ns.adobe.com/illustrator/1.0/Document hyperlink
    • http://ns.adobe.com/xap/1.0/t/pg/Document hyperlink
    • http://ns.adobe.com/xap/1.0/sType/Dimensions#Document hyperlink
    • http://ns.adobe.com/xap/1.0/g/Document hyperlink
    • http://ns.adobe.com/pdf/1.3/Document hyperlink
    • http://ns.adobe.com/photoshop/1.0/Document hyperlink
    • http://ns.adobe.com/xap/1.0/g/img/Document hyperlink