Malicious Office (OLE) / .EXE — malware analysis report

Static analysis result for SHA-256 ffb41df85ce50bba…

MALICIOUS

Office (OLE) / .EXE

79.0 KB Created: 1998-12-11 16:42:08 Authoring application: Microsoft Excel
MD5: d825714b10f247b9841b1261cc72c200 SHA-1: 875f0b8020c725447fab3a4f381f02b81209936a SHA-256: ffb41df85ce50bbaddcd470fae8c32ab94cc43323668ca8c95099059aba05ae7
60 Risk Score

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic

The file is an Excel OLE executable containing a large VBA macro. The presence of an Auto_Open macro indicates that malicious code is likely to execute automatically when the file is opened. No specific family could be identified, and no external IOCs were extracted from the sample.

Heuristics 2

  • Auto_Open macro high OLE_VBA_AUTO
    Auto_Open macro
  • VBA macros detected medium OLE_VBA_MACROS
    Document contains VBA macro code

Extracted artifacts 1

Files carved from inside the sample during analysis.

FilenameKindSourceSize
macros.bas
98e4b85f26925638247ce534706990e6ed4378545529568d754046e95b2a83b7		 vba-macro oletools.olevba.extract_macros (decoded VBA source) 26395 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.