Malicious Office (OLE) / .EXE — malware analysis report

Static analysis result for SHA-256 e362724c046a7584…

MALICIOUS

Office (OLE) / .EXE

23.0 KB Created: 1999-09-08 05:49:21 Authoring application: Microsoft Excel
MD5: d6249f316e307af476c30b505c582d0a SHA-1: 547a592253bacff76585c146ce84432c7872c898 SHA-256: e362724c046a7584197f7fa5e91efc967bc49abe691970b0c70c1d52e6018682
60 Risk Score

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The file is an Excel document containing a VBA macro, specifically an Auto_Open macro, which is a common technique for initial execution. The macro source is 1888 bytes, indicating potentially complex malicious logic. The presence of an Auto_Open macro strongly suggests the intent to execute arbitrary code immediately upon opening the document, likely for further payload delivery or system compromise.

Heuristics 2

  • Auto_Open macro high OLE_VBA_AUTO
    Auto_Open macro
  • VBA macros detected medium OLE_VBA_MACROS
    Document contains VBA macro code

Extracted artifacts 1

Files carved from inside the sample during analysis.

FilenameKindSourceSize
macros.bas
88725e4025b1641712b3b12d32dbe240f40d48c1556f78cc52673b7faa54bfdf		 vba-macro oletools.olevba.extract_macros (decoded VBA source) 1888 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.