Win.Trojan.Dietzel-1 — Office (OLE) malware analysis

Static analysis result for SHA-256 e085c3321a5333c8…

MALICIOUS

Office (OLE)

Size: 14.5 KB
Created: 1996-07-22 17:46:00
Authoring application: Microsoft Word for Windows 95
First seen: 2012-06-14
MD5: ec5d11a30d7a1e16c97168b7d15387a8
SHA-1: dec2a77af2b001d35b431b7180ca6a08e09abd48
SHA-256: e085c3321a5333c89e7d685e97cb44746c4557c8bdb8cf106c72c686caf505df
Risk Score: 60

Malware Insights

Win.Trojan.Dietzel-1 · confidence 85%

The file is detected as Win.Trojan.Dietzel-1 by ClamAV, indicating malicious intent. The extracted document body contains numerous references to VBA macro functions and dialogs, suggesting the presence and manipulation of macros. The truncated path 'C:\TEMP\TEST\Makrovirus getarnt.Bak' is repeatedly referenced, likely indicating a dropped or related malicious file.

Heuristics (1)

  • ClamAV: Win.Trojan.Dietzel-1 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Dietzel-1