MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 c4ed041045a4c0eacd673fc5d85329cd4e082cdbed11a8ba87994b8ee2c9214d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
Threat unknown
Vendor detections: 14
| SHA256 hash: | c4ed041045a4c0eacd673fc5d85329cd4e082cdbed11a8ba87994b8ee2c9214d |
|---|---|
| SHA3-384 hash: | 16afc4d87c92575a50ee7f185e1c2130f185174e1bbac21c090e9b4c639d6068ee3e3054c3c8b2dd27a29b7f96434110 |
| SHA1 hash: | b2e770604e3fb1f2499469e74ebdab20cd4fee40 |
| MD5 hash: | 37fa70a6e98dd9cfe8a6fc9501834bd9 |
| humanhash: | winner-enemy-hotel-nineteen |
| File name: | SwiftXcopyXX807FTBR261590003X.xls |
| Download: | download sample |
| File size: | 514'048 bytes |
| First seen: | 2026-07-03 17:55:21 UTC |
| Last seen: | 2026-07-03 17:56:59 UTC |
| File type: | |
| MIME type: | application/vnd.ms-excel |
| ssdeep | 12288:h5E03Uj6WdMXMegxsEBUz9Id+qWay4nT:PE0WnK8xC9IkMT |
| TLSH | T120B4F1A0B5948F59DB464F76CB9B8AC00325BDB35F19A60B31827B0D5EF33823947C69 |
| TrID | 47.4% (.XLS) Microsoft Excel sheet (32500/1/3) 40.8% (.XLS) Microsoft Excel sheet (alternate) (28000/1/3) 11.6% (.) Generic OLE2 / Multistream Compound (8000/1) |
| Magika | xls |
| Reporter | |
| Tags: | xls |
Office OLE Information
This malware samples appears to be an Office document. The following table provides more information about this document using oletools and oledump.
OLE id
| Application name is Microsoft Excel |
| File Format is MS Excel 97-2003 |
| Container Format is OLE |
| Office document is in encrypted |
OLE dump
MalwareBazaar was able to identify 11 sections in this file using oledump:
| Section ID | Section size | Section name |
|---|---|---|
| 1 | 114 bytes | CompObj |
| 2 | 244 bytes | DocumentSummaryInformation |
| 3 | 200 bytes | SummaryInformation |
| 4 | 99 bytes | MBD001398D0/CompObj |
| 5 | 23673 bytes | MBD001398D0/Package |
| 6 | 866 bytes | MBD001398D1/Ole |
| 7 | 114 bytes | MBD002EB9A7/CompObj |
| 8 | 268 bytes | MBD002EB9A7/DocumentSummaryInformation |
| 9 | 107192 bytes | MBD002EB9A7/SummaryInformation |
| 10 | 123268 bytes | MBD002EB9A7/Workbook |
| 11 | 249027 bytes | Workbook |
Intelligence
File Origin
CHVendor Threat Intelligence
Details
Result
Behaviour
Result
Payload URLs
Behaviour
Result
Behaviour
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
xls c4ed041045a4c0eacd673fc5d85329cd4e082cdbed11a8ba87994b8ee2c9214d
(this sample)
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.