Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 eb1a364d4cc63513…

MALICIOUS

Office (OLE)

Size: 106.9 KB
Created: 2018-12-07 18:45:00
Authoring application: Microsoft Office Word
First seen: 2019-01-12
MD5: 36cc9f7d948c59c25ac3e3387893f5a5
SHA-1: c0a4108c3c07e4b68d4bcb1423b031ecb737bc1d
SHA-256: eb1a364d4cc63513ad7b4a31732182eece5d27f4c942b1d2ab296676179b4af6
Risk Score: 82

Heuristics 3

  • Suspicious cmd.exe invocation with execution flag (severity: high; ID: SC_STR_CMD)
  • Reference to PowerShell (severity: high; ID: SC_STR_POWERSHELL)
  • Embedded URL (severity: info; ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL: http://schemas.openxmlformats.org/drawingml/2006/main (channel: In document text (OLE body))