Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 dcd2a0ee03b58a19…

MALICIOUS

Office (OLE)

87.5 KB Created: 2005-06-02 11:54:00 Authoring application: Microsoft Word 10.0
MD5: 109169adac07fe5c86fe878a3cdab8dc SHA-1: 506e3b8f8e8e50327c8218d5a3c8eb341068ca70 SHA-256: dcd2a0ee03b58a196a4ce1b64bcbea8c686c4cbd11b7fa3aefb71eab3011adbc
60 Risk Score

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic T1566.001 Spearphishing Attachment

The file is an OLE document containing VBA macros, specifically a Document_Open macro, which is a common technique for initial execution. The document body contains academic text, suggesting a lure to disguise the malicious intent. No specific IOCs were extracted, but the presence of a Document_Open macro indicates an attempt to execute code upon opening.

Heuristics 2

  • Document_Open macro high OLE_VBA_DOCOPEN
    Document_Open macro
  • VBA macros detected medium OLE_VBA_MACROS
    Document contains VBA macro code

Extracted artifacts 1

Files carved from inside the sample during analysis.

FilenameKindSourceSize
macros.bas
be1ad276196a68bac9a12df3eeec61e819e1b2608bf81d1b2df726604d7c462a		 vba-macro oletools.olevba.extract_macros (decoded VBA source) 3388 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.