Malicious Office (OLE) / .XLS — malware analysis report

Static analysis result for SHA-256 c40736a2eb3b5f47…

MALICIOUS

Office (OLE) / .XLS

26.0 KB Created: 1996-10-08 23:32:33 Authoring application: Microsoft Excel
MD5: 712591a5ddb43db21a2ddb58c519e464 SHA-1: 0a4776ec37ae5e608626c7919687223cd1fd7441 SHA-256: c40736a2eb3b5f47fa27594ff1d4e92196c60a6f384c69eb794811b6c8f403a5
60 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment T1059.005 Visual Basic

The file is an Excel spreadsheet containing VBA macros. A high-severity heuristic indicates the presence of a Workbook_Open macro, which is commonly used to automatically execute malicious code when the workbook is opened. No other IOCs or script content were extracted to further detail the payload or delivery mechanism.

Heuristics 2

  • Workbook_Open macro high OLE_VBA_WBOPEN
    Workbook_Open macro
  • VBA macros detected medium OLE_VBA_MACROS
    Document contains VBA macro code

Extracted artifacts 1

Files carved from inside the sample during analysis.

FilenameKindSourceSize
macros.bas
7c91580ac203207be3d2131c64491d0d66bc976d6d5932728b3473da5c730dfc		 vba-macro oletools.olevba.extract_macros (decoded VBA source) 3584 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.