Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 fe566dfc096729b2…

MALICIOUS

Office (OLE)

Size: 3.0 KB
First seen: 2018-06-19
MD5: f6122280ab12406d0c51d52a00c13c09
SHA-1: 0a41e31791e9f471aa6b01fbbace79d3bad61216
SHA-256: fe566dfc096729b281fa7c7bcb1f453a431880ea09f09250f9714df7b62fcb96
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1203 Exploitation for Client Execution

The file is identified as malicious by ClamAV with the signature Win.Trojan.MSShellcode-6360729-4, indicating the presence of malicious shellcode. As an OLE file, it is likely designed to exploit vulnerabilities or execute embedded code upon opening, leading to the download and execution of further malicious content. No specific document body text or scripts were extracted for further analysis.

Heuristics 1

  • ClamAV: Win.Trojan.MSShellcode-6360729-4 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.MSShellcode-6360729-4