Xls.Malware.Stratos-7506050-0 — Office (OLE) malware analysis

Static analysis result for SHA-256 ff7f47a5f38364fe…

MALICIOUS

Office (OLE)

104.0 KB Created: 2006-09-16 00:00:00 Authoring application: Microsoft Excel First seen: 2020-09-15
MD5: 4e2adc32214fc327f915253aaa2a3cb4 SHA-1: 08e4cfddd4077106f2ca5fc8c94519235082c916 SHA-256: ff7f47a5f38364fe7717dbdb4587aa45ad1ca754b84907ae4535bf0f5d043b5a
62 Risk Score

Malware Insights

Xls.Malware.Stratos-7506050-0 · confidence 85%

MITRE ATT&CK
T1566.001 Spearphishing Attachment

ClamAV identified this file as Xls.Malware.Stratos-7506050-0, suggesting a known malware variant. The inability to extract VBA macros due to an unsupported format indicates potential obfuscation or legacy structure, common in malicious documents. The file's metadata points to it being an Excel spreadsheet, likely delivered as a spearphishing attachment.

Heuristics 2

  • ClamAV: Xls.Malware.Stratos-7506050-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Malware.Stratos-7506050-0
  • Unsupported Office format for VBA extraction info OFFICE_FORMAT_UNSUPPORTED
    olevba could not extract VBA macros (AssertionError); format-agnostic byte-level scans still ran. Likely legacy, encrypted, or malformed OLE/OOXML — re-scanning the same bytes will yield the same outcome.

Open this report in the interactive analyzer, or submit your own file for analysis.