Malicious Office (OLE) / .XLS — malware analysis report

Static analysis result for SHA-256 f414c74412b2edc5…

MALICIOUS

Office (OLE) / .XLS

Size: 30.0 KB
Created: 2003-05-05 02:58:11
MD5: a903b23778d9fa8b6233f333854c1ff2
SHA-1: 8923d8e7050e0cae6c2b8b238f97821dfce33bac
SHA-256: f414c74412b2edc5d8304cc5dfbbfcef2547229d7b88179cde8b5d3dffa9b60d
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic for Applications

The critical heuristic 'OLE_XLS_FORMULA_MACRO_VIRUS' indicates a legacy Excel formula macro virus; the matched markers include 'Excel Formula Macro Virus', 'XF.Classic', 'Poppy by VicodinES', and 'Narkotic Network'. The document body presents a seemingly legitimate invoice or cost calculation, a common social engineering tactic to trick users into enabling macros. The combination of the lure document and the specific macro virus markers strongly suggests an attack pattern involving macro execution.

Heuristics (1)

  • Legacy Excel formula macro virus marker (severity: critical; rule: OLE_XLS_FORMULA_MACRO_VIRUS)
    Workbook stream contains self-identifying legacy Excel formula macro virus markers. This indicates the document carries formula macro virus content even when no VBA project or modern XLM macro-sheet structure is present.