Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 e54b8f0e2d2f4891…

MALICIOUS

Office (OLE)

Size: 33.5 KB
Created: 1999-02-08 09:24:15
Authoring application: Microsoft Excel
First seen: 2012-06-14
MD5: c9a3ee64e60ab629a1ca2a371457986a
SHA-1: 057df2647eb849525d73df2b4bc113bfc74932d1
SHA-256: e54b8f0e2d2f4891058e624678246660519858e6a834d1923151c06a0286f007
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The file is identified as malicious by ClamAV with the signature Win.Trojan.Forecast-1. The document body contains garbled text and repeated strings that do not provide clear instructions, suggesting an attempt to obfuscate the malicious intent. The 'authoring_application: Microsoft Excel' metadata field indicates it is likely a macro-enabled spreadsheet designed to deliver a payload.

Heuristics 1

  • ClamAV: Win.Trojan.Forecast-1 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Forecast-1