Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 ebd3f91201af66a0…

MALICIOUS

Office (OLE)

105.5 KB Created: 1998-07-14 01:48:00 Authoring application: Microsoft Word for Windows 95
MD5: 112f4d85ddaa5de552a2473b40489b05 SHA-1: e6b07405c7fd179f53bb2fbd69a611dd53444108 SHA-256: ebd3f91201af66a041e6852ce0b80448461dd46b092a0a4438f2ba2ccdf245ff
60 Risk Score

Malware Insights

MITRE ATT&CK
T1204.002 Malicious File

The file is identified as malicious by ClamAV with the signature Win.Trojan.Tm-1. The file's metadata indicates it is a Microsoft Word 95 document, a version known to be vulnerable to various exploits. The document body contains unusual strings and what appear to be internal Word structures, suggesting it may be crafted to trigger a specific vulnerability. No scripts were extracted, and no URLs were found, limiting further analysis of the payload.

Heuristics 1

  • ClamAV: Win.Trojan.Tm-1 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Tm-1

Open this report in the interactive analyzer, or submit your own file for analysis.