Xls.Downloader.GreenEnable06210-9869360-0 — Office (OOXML) malware analysis

Static analysis result for SHA-256 c16bb5c444f700b5…

MALICIOUS

Office (OOXML)

Size: 165.4 KB
Created: 2015-06-05 18:19:34 UTC
Authoring application: Microsoft Excel 16.0300
First seen: 2021-07-13
MD5: f826eb1caf01af0d68e10e623dafa57c
SHA-1: 80bd86dff45a1156aea373913519708836e8ae5c
SHA-256: c16bb5c444f700b5428f548e36f90b7ae83eeda9d865a8bbb8ed58754d3e564a
Risk Score: 60

Malware Insights

Xls.Downloader.GreenEnable06210-9869360-0 · confidence 90%

MITRE ATT&CK
T1204.002 Malicious File

The file was detected by ClamAV as Xls.Downloader.GreenEnable06210-9869360-0. The document body contains VBA code that attempts to download a file from the listed IP addresses using rundll32. The execution of this downloaded file is intended to compromise the user's system.

Heuristics (1)

  • ClamAV: Xls.Downloader.GreenEnable06210-9869360-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Downloader.GreenEnable06210-9869360-0