Office (OOXML) / .XLSX malware analysis — malicious · f534c683d4934e48

MALICIOUS

Office (OOXML) / .XLSX

73.8 KB Created: 2021-03-09 09:05:36 UTC Authoring application: Microsoft Excel 16.0300 First seen: 2026-05-22

MD5: 6dba2435c8efa3413bea844d659b8380 SHA-1: 5d0231d634b2bc493c3273a14a9f6648221231b7 SHA-256: f534c683d4934e482c9d9fd11e8578bd81d7b9c3806d9fe1813a4e94a3266ea7

70 Risk Score

Heuristics 3

OOXML clickable image phishing/form lure critical OOXML_CLICKABLE_IMAGE_FORM_LURE

Workbook uses a large embedded image as the visible document body and attaches a click-through external hyperlink to that image. The target is a form/collection service or the drawing contains download/view lure text, which is a common credential or document-phishing pattern rather than benign workbook data.
External hyperlinks (1) low OOXML_EXTERNAL_HYPERLINKS

Document contains 1 external hyperlink — clickable URLs are stored as external relationships. First target: https://74i4ail1oou.typeform.com/to/oHGIpqHG
Embedded URL info EMBEDDED_URL

One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.

URL https://74i4ail1oou.typeform.com/to/oHGIpqHG Document hyperlink

Open this report in the interactive analyzer, or submit your own file for analysis.