Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 f17504a9153d2552…

MALICIOUS

Office (OLE)

296.5 KB Created: 1996-12-27 11:10:00 Authoring application: Microsoft Word 6.0 First seen: 2014-03-22
MD5: 192ed4fb54232f9f8d05045dbe01fb2e SHA-1: b5dd99b9bd2375d3bacb272adf7692cc08117fea SHA-256: f17504a9153d2552cfecafe2f4f8692223a4efdca2aff1ad91160bd0265d854f
80 Risk Score

Heuristics 2

  • ClamAV: Win.Tool.WM-6 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Tool.WM-6
  • Legacy WordBasic auto-exec macro marker medium OLE_LEGACY_WORDBASIC_AUTOEXEC
    OLE Word document contains a legacy WordBasic auto-execution marker such as AutoOpen, but no modern VBA project was recovered and no stronger macro-virus family marker was present. This is analyst-facing evidence for old Word macro execution surface, not a downloader or parser-CVE attribution by itself.

Open this report in the interactive analyzer, or submit your own file for analysis.