Malicious Office (OLE) / .EXE — malware analysis report

Static analysis result for SHA-256 f9b1193cda1a6331…

MALICIOUS

Office (OLE) / .EXE

75.5 KB Created: 1998-09-07 04:51:33 Authoring application: Microsoft Excel
MD5: 9961cb184907c328d21835bb227fb79f SHA-1: 815fbe887b462880731d6f3776920416130a3d8f SHA-256: f9b1193cda1a633137a352c17194dc89ef08ca5079191dbde5e1b505b3c51123
60 Risk Score

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic T1566.001 Spearphishing Attachment

The file is an OLE executable containing VBA macros, with a high-severity heuristic indicating an Auto_Open macro. This suggests the file is designed to execute malicious code automatically upon opening. The presence of VBA macros and the Auto_Open trigger strongly indicate a macro-based attack. No specific IOCs were extracted, but the presence of the Auto_Open macro is a strong indicator of malicious intent.

Heuristics 2

  • Auto_Open macro high OLE_VBA_AUTO
    Auto_Open macro
  • VBA macros detected medium OLE_VBA_MACROS
    Document contains VBA macro code

Extracted artifacts 1

Files carved from inside the sample during analysis.

FilenameKindSourceSize
macros.bas
7335d625ffaa57a76fe54204b7cb9ed5ca3217a5e596382d344cf927d06a7c3b		 vba-macro oletools.olevba.extract_macros (decoded VBA source) 3231 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.