Xls.Downloader.GreenEnable06210-9869360-0 — Office (OOXML) malware analysis

Static analysis result for SHA-256 ec9bd9bd68ad5e07…

MALICIOUS

Office (OOXML)

Size: 167.6 KB
Created: 2015-06-05 18:19:34 UTC
Authoring application: Microsoft Excel 16.0300
First seen: 2021-07-13
MD5: b74012abb317a14dfdebae4836858507
SHA-1: b9d6a6b5b614ac448dcbcaede37822de15905353
SHA-256: ec9bd9bd68ad5e078de16556c7336383d1ecb892dcf8619cee81b7c4883c4a05
Risk Score: 60

Malware Insights

Xls.Downloader.GreenEnable06210-9869360-0 · confidence 90%

MITRE ATT&CK
T1204.002 Malicious File

The file was detected by ClamAV as Xls.Downloader.GreenEnable06210-9869360-0. The document body contains VBA code that attempts to download a file from the listed IP addresses using rundll32. The execution of this downloaded file is intended to compromise the user's system.

Heuristics 1

  • ClamAV: Xls.Downloader.GreenEnable06210-9869360-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Downloader.GreenEnable06210-9869360-0