Malicious Office (OLE) / .DOC — malware analysis report

Static analysis result for SHA-256 df1106002337e7ab…

MALICIOUS

Office (OLE) / .DOC

Size: 14.0 KB
Created: 1997-01-26 17:41:00
Authoring application: Microsoft Word for Windows 95
MD5: fb37bd8ebdbbb500d3de605a8050fe5d
SHA-1: b228aa29938006eb93955a7cb44171a62cac2398
SHA-256: df1106002337e7ab60b44ab74072c52c68bbbf98a8bf35930d259cbeeae994e8
Risk Score: 60

Malware Insights

The file is detected as Doc.Trojan.Wazzu-6 by ClamAV. The document body contains strings related to Microsoft Fax and macro execution, including 'autoOpen' and references to Normal.dot, suggesting a macro-based execution attempt. The embedded URL heuristic also indicates malicious intent. The primary attack vector appears to be social engineering through a fake Microsoft Fax document to lure the user into enabling macros, which would then likely download and execute a secondary payload.

Heuristics (1)

  • ClamAV: Doc.Trojan.Wazzu-6 [critical] [CLAMAV_DETECTION]
    ClamAV detected this file as malware: Doc.Trojan.Wazzu-6