Malicious Office (OLE) / .EXE — malware analysis report

Static analysis result for SHA-256 e57a222ff044e7f3…

MALICIOUS

Office (OLE) / .EXE

Size: 23.5 KB
Created: 1993-09-28 16:08:00
Authoring application: Microsoft Word for Windows 95
MD5: f82d38ec6a6681b52419616685397f9f
SHA-1: f71df3c68cebbedcd7e620d2824a0d0d8e4f4f29
SHA-256: e57a222ff044e7f3473261c910481d6ac9a9d5cb2edac20f0c820c47a7057cac
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious File

The file is detected as Win.Trojan.Nuclear-6 by ClamAV, indicating a known trojan. The document body contains seemingly innocuous text about concerts, sales, and gems, which serves as a lure. The embedded URL heuristic suggests the presence of a link within the document, likely to download a malicious payload. The file's metadata indicates it's an OLE file, often used for macro-based attacks or as a container for executables.

Heuristics 1

  • ClamAV: Win.Trojan.Nuclear-6 [critical] [CLAMAV_DETECTION]
    ClamAV detected this file as malware: Win.Trojan.Nuclear-6