Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 f3a149eb5524999d…

MALICIOUS

Office (OLE)

File size: 26.0 KB
Created: 1997-04-25 08:06:33
Authoring application: Microsoft Excel
First seen: 2012-06-14
MD5: f360952f23d8f2f822d583b45b7c1054
SHA-1: 81716cd480f599e0a70ca5323b463754aebc54b1
SHA-256: f3a149eb5524999d4e04d02a02f4b75787cf3d998a0e985f7ef03d3cbef35613
Risk Score: 60

Malware Insights

The file is an OLE document with a ClamAV heuristic firing for 'Legacy.Trojan.Agent-478'. The document body contains obfuscated Japanese characters and English text indicating it is a 'Virus Goat file', which strongly suggests malicious intent. No specific IOCs were extracted, but the heuristic indicates a trojan payload.

Heuristics 1

  • ClamAV: Legacy.Trojan.Agent-478 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Legacy.Trojan.Agent-478