Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 e2483271f86e8edb…

MALICIOUS

Office (OLE)

9.0 KB
MD5: 4eae181f4f0d45a389504ceae96ca07c
SHA-1: 8e0a602eef48bff06f233dfcaf60d42f6ec32894
SHA-256: e2483271f86e8edb57ddcfad673b86b44ad9dc32c3f6c21086c2f786170a0870
60 Risk Score

Malware Insights

ClamAV identifies the file as a macro virus. The document body contains VBA-like code and references to AutoOpen, AutoClose, and Appder functions, which is typical of macro malware. It also includes commands to modify or delete system files such as AUTOEXEC.BAT and CONFIG.SYS and to create a new AUTOEXEC.BAT file, indicating an attempt to establish persistence or disrupt system startup.

Heuristics 1

  • ClamAV: Win.Trojan.W-283 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.W-283