Win.Trojan.Vicis-1 — Office (OLE) malware analysis

Static analysis result for SHA-256 f4052d602d46c980…

MALICIOUS

Office (OLE)

15.0 KB Created: 1997-07-16 17:38:00 Authoring application: Microsoft Word for Windows 95 First seen: 2012-06-14
MD5: 13263dd8ff66fcc6ea51c69a21676b34 SHA-1: 8dbaf65bb050789824ef83ddbc586b315ec0d38f SHA-256: f4052d602d46c980dd6b10c20b9318ca36c3aaaf72bf98edea52c9e6341ea103
60 Risk Score

Malware Insights

Win.Trojan.Vicis-1 · confidence 95%

The file is identified as malicious by ClamAV with the signature Win.Trojan.Vicis-1. The embedded document body contains VBA macro code and text explicitly mentioning infection by the 'Vicissitator Macro Virus' and attributing it to 'CyberYoda A Member of the SLAM Virus Team'. The macro code itself appears to be designed for obfuscation and mutation, typical of older macro viruses.

Heuristics 1

  • ClamAV: Win.Trojan.Vicis-1 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Vicis-1

Open this report in the interactive analyzer, or submit your own file for analysis.