Win.Trojan.Randomic-1 — Office (OLE) malware analysis

Static analysis result for SHA-256 f0be5d6089d810d2…

MALICIOUS

Office (OLE)

11.5 KB Created: 1997-02-07 17:28:00 Authoring application: Microsoft Word 6.0 First seen: 2012-06-14
MD5: 511e4093c7688c0ca414a5cdce16078e SHA-1: e5dfc4ba0fe3eecb1b2f1876da5255c7a12dda43 SHA-256: f0be5d6089d810d2cf80b8fb4e607f86d3019824f25ff98a9b4f0acb6134c896
68 Risk Score

Malware Insights

Win.Trojan.Randomic-1 · confidence 85%

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The file is identified as malicious by ClamAV with the signature Win.Trojan.Randomic-1. The document body contains alarming text such as 'Your system is infected with the RANDOMIC macro virus.' and 'Immediately stop your work, or you will regret it.', which is a common social engineering tactic to instill urgency. The presence of embedded document paths like 'C:\RANDOMIC.DOC' suggests potential payload locations or origins.

Heuristics 2

  • ClamAV: Win.Trojan.Randomic-1 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Randomic-1
  • Urgency / deadline lure low SE_URGENCY_LURE
    Document contains urgency or deadline language ('account will be terminated', 'action required within 24 hours', etc.) — useful context, but low-signal without other findings

Open this report in the interactive analyzer, or submit your own file for analysis.