Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 dafd8ab09b77b74a…

MALICIOUS

Office (OLE)

114.0 KB Created: 2003-09-02 15:59:00 Authoring application: Microsoft Word 8.0
MD5: efcd2043a5cb69bca1e711c954b74f5a SHA-1: bbf50c2204a9ac1a2dbb701b245339ecbb626998 SHA-256: dafd8ab09b77b74a5eafdcf4b32bdfbebec5ba517d03289d301f9e992c6b9314
60 Risk Score

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The file is a Microsoft Word document containing a VBA macro. The 'AutoOpen' macro heuristic indicates that the malicious code is designed to execute automatically upon opening the document. No specific family could be identified, and no external IOCs were extracted from the sample.

Heuristics 2

  • AutoOpen macro high OLE_VBA_AUTOOPEN
    AutoOpen macro
  • VBA macros detected medium OLE_VBA_MACROS
    Document contains VBA macro code

Extracted artifacts 1

Files carved from inside the sample during analysis.

FilenameKindSourceSize
macros.bas
d19862a71aff431f73ec3a529505d1574d686aa9648b76244a6967fbcd3fcfda		 vba-macro oletools.olevba.extract_macros (decoded VBA source) 1209 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.