Win.Trojan.Laroux-63 — Office (OLE) malware analysis

Static analysis result for SHA-256 eee99e91096ef638…

MALICIOUS

Office (OLE)

Size: 87.0 KB · Created: 1980-01-05 11:34:18 · Authoring application: Microsoft Excel · First seen: 2012-06-14
MD5: 2368a1cdcce45eabe504b02cc7216562
SHA-1: 1d724dea6c69f68188e02da8fffd2eb466c10b16
SHA-256: eee99e91096ef63846fbb7e13357a32463c8321417c4a99cc15e6d683846d88f
Risk Score: 120

Malware Insights

Win.Trojan.Laroux-63 · confidence 95%

MITRE ATT&CK
T1059.005 Visual Basic

The file is identified as a malicious Excel 5 macro-virus, specifically Win.Trojan.Laroux-63. Heuristic analysis indicates the presence of the Laroux macro virus markers, suggesting it attempts to execute malicious code when the document is opened. No specific IOCs were extracted beyond the family identification.

Heuristics (2)

  • ClamAV: Win.Trojan.Laroux-63 · critical · CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Laroux-63
  • Excel 5 Laroux/Larou-CV macro-virus marker cluster · critical · OLE_XLS5_LAROUX_MACRO_VIRUS
    Legacy Excel workbook contains a Laroux/Larou-CV macro-virus marker cluster including auto_open execution and workbook/module replication strings. This is a narrow indicator for an infected legacy Excel macro workbook.