Wazzu — Office (OLE) / .EXE malware analysis

Static analysis result for SHA-256 c5fac2a0f83a03bb…

MALICIOUS

Office (OLE) / .EXE

15.0 KB Created: 1996-06-08 16:22:00 Authoring application: Microsoft Word 6.0
MD5: 20c7de7790b337cd4ae56745856fa5d3 SHA-1: 45a5f52dfb5e5bf25d63f023c63ee697cffd8c6a SHA-256: c5fac2a0f83a03bb9ac545e293c8e74ed31503b53586d5c2ab0ed81ce79dfd3e
60 Risk Score

Malware Insights

Wazzu · confidence 95%

The sample was detected as Win.Trojan.Wazzu-46 by ClamAV. The extracted document body and VBA macro code indicate that this is the Wazzu macro virus. The macro attempts to copy itself to the Normal.dot template and other documents, likely to achieve persistence and spread.

Heuristics 1

  • ClamAV: Win.Trojan.Wazzu-46 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Wazzu-46

Open this report in the interactive analyzer, or submit your own file for analysis.