Malicious Office (OLE) / .EXE — malware analysis report

Static analysis result for SHA-256 dfa212485aac9bbc…

MALICIOUS

Office (OLE) / .EXE

74.5 KB Created: 1999-02-08 09:24:15 Authoring application: Microsoft Excel
MD5: dbce10c6e0a0baa5d70df35f90691739 SHA-1: 9bed76bb4d6ba8c44b153afa787e11fa206a00ad SHA-256: dfa212485aac9bbc82f7b074dfc392683b28008c5afe4fbab88bc00c3064a1aa
60 Risk Score

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The file is identified as a malicious Excel OLE file. Static analysis detected the presence of VBA macros, specifically an Auto_Open macro, which is a common technique for executing malicious code automatically when the document is opened. The macros are 1993 bytes in size, suggesting potentially complex functionality. No specific IOCs like URLs or hashes were extracted, but the presence of the Auto_Open macro strongly indicates an attempt to run malicious code.

Heuristics 2

  • Auto_Open macro high OLE_VBA_AUTO
    Auto_Open macro
  • VBA macros detected medium OLE_VBA_MACROS
    Document contains VBA macro code

Extracted artifacts 1

Files carved from inside the sample during analysis.

FilenameKindSourceSize
macros.bas
f786d5756838896e7dffc63d9ca257984391d313be267931d1dc3275099c91fd		 vba-macro oletools.olevba.extract_macros (decoded VBA source) 1993 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.