Office (OLE) malware analysis — malicious · e39e1f6b68b1eb3a

MALICIOUS

Office (OLE)

203.5 KB Created: 2009-04-03 02:50:33 Authoring application: Microsoft Excel First seen: 2015-10-06

MD5: 78911b90816d1a3534a9269dbfadf4a0 SHA-1: 934a55ee27b93d7c87f6728bd83968fab5d923ac SHA-256: e39e1f6b68b1eb3a06f3c3276b3b6847572db9435f556ec2e0d679ad2980ec89

140 Risk Score

Heuristics 3

Legacy Excel formula macro virus marker critical OLE_XLS_FORMULA_MACRO_VIRUS

Workbook stream contains self-identifying legacy Excel formula macro virus markers. This indicates the document carries formula macro virus content even when no VBA project or modern XLM macro-sheet structure is present.
Legacy XLM macro-virus family marker critical OLE_XLM_LEGACY_MACRO_VIRUS

Workbook contains an Excel 4.0 macro sheet and legacy macro-virus family or workbook-replication strings. This is a narrow indicator for infected XLM workbooks rather than ordinary formula use.
Excel 4.0 (XLM) macro sheet present medium OLE_XLM_AUTOOPEN

Workbook contains an Excel 4.0 macro sheet sub-stream — XLM is rarely seen in modern legitimate workbooks and was a major Office malware vector during 2020-2022.

Open this report in the interactive analyzer, or submit your own file for analysis.