You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
Failed to analyze OOXML XLSX files due to undetected file format.
File/Malware sample to reproduce the bug
[Please attach the file in a password protected zip archive, or provide a link where it can be downloaded (e.g. Hybrid Analysis, preferably not VirusTotal which requires paid access). If not possible, please provide a hash.
Console output / Screenshots
olevba -l debug 6c7449dd411b963ac70c3933b27c5bf18799ee3852d4022a1ad2e49079201de8_black.xlsx
XLMMacroDeobfuscator: pywin32 is not installed (only is required if you want to use MS Excel)
olevba 0.60.1.dev6 on Python 3.8.8 - http:https://decalage.info/python/oletools
DEBUG ftguess: file type=Unknown file type - container=Unknown Container
INFO 6c7449dd411b963ac70c3933b27c5bf18799ee3852d4022a1ad2e49079201de8_black.xlsx is not a supported file type, cannot extract VBA Macros.
DEBUG Checking for encryption (after exception)
DEBUG Checking for encryption using msoffcrypto
INFO msoffcrypto failed to parse file or determine whether it is encrypted: Unsupported file format
INFO Failed to check 6c7449dd411b963ac70c3933b27c5bf18799ee3852d4022a1ad2e49079201de8_black.xlsx for encryption (not an OLE2 structured storage file); assume it is not encrypted.
ERROR Failed to open 6c7449dd411b963ac70c3933b27c5bf18799ee3852d4022a1ad2e49079201de8_black.xlsx -- probably not supported!
Traceback (most recent call last):
File "/opt/anaconda3/lib/python3.8/site-packages/oletools/olevba.py", line 4478, in process_file
vba_parser = VBA_Parser_CLI(filename, data=data, container=container,
File "/opt/anaconda3/lib/python3.8/site-packages/oletools/olevba.py", line 4030, in init
super(VBA_Parser_CLI, self).init(*args, **kwargs)
File "/opt/anaconda3/lib/python3.8/site-packages/oletools/olevba.py", line 2822, in init
raise FileOpenError(msg)
oletools.olevba.FileOpenError: Failed to open file 6c7449dd411b963ac70c3933b27c5bf18799ee3852d4022a1ad2e49079201de8_black.xlsx is not a supported file type, cannot extract VBA Macros.
DEBUG will exit now with code 5
Version information:
OS:Mac
OS version: x.xx - 64 bits
Python version: 3.8.8 - 32/64 bits
oletools version: 0.60.1.dev6
Additional context
Add any other context about the problem here.
The text was updated successfully, but these errors were encountered:
Affected tool:
olevba, mraptor, rtfobj, oleid, etc
Describe the bug
Failed to analyze OOXML XLSX files due to undetected file format.
File/Malware sample to reproduce the bug
[Please attach the file in a password protected zip archive, or provide a link where it can be downloaded (e.g. Hybrid Analysis, preferably not VirusTotal which requires paid access). If not possible, please provide a hash.
https://labs.inquest.net/dfi/sha256/6b3f34adaf8d7a6ed3431c129854c08271f7d0132ac382f21ad2b43306dccfc4
https://labs.inquest.net/dfi/sha256/5ec8cdb2cf93dbf9c22e88dc44deb55d516b2049d5a553f8f634a832a8930d21
https://labs.inquest.net/dfi/sha256/52a2212b79b32471c14174d27b8d4b4ad3e6c167c6ef150d370f9ab881d0179c
The debug information belongs to this file:
https://labs.inquest.net/dfi/sha256/6c7449dd411b963ac70c3933b27c5bf18799ee3852d4022a1ad2e49079201de8
How To Reproduce the bug
Regular OLEVBA or other
Expected behavior
Analysis of OOXML file.
Console output / Screenshots
olevba -l debug 6c7449dd411b963ac70c3933b27c5bf18799ee3852d4022a1ad2e49079201de8_black.xlsx
XLMMacroDeobfuscator: pywin32 is not installed (only is required if you want to use MS Excel)
olevba 0.60.1.dev6 on Python 3.8.8 - http:https://decalage.info/python/oletools
DEBUG ftguess: file type=Unknown file type - container=Unknown Container
INFO 6c7449dd411b963ac70c3933b27c5bf18799ee3852d4022a1ad2e49079201de8_black.xlsx is not a supported file type, cannot extract VBA Macros.
DEBUG Checking for encryption (after exception)
DEBUG Checking for encryption using msoffcrypto
INFO msoffcrypto failed to parse file or determine whether it is encrypted: Unsupported file format
INFO Failed to check 6c7449dd411b963ac70c3933b27c5bf18799ee3852d4022a1ad2e49079201de8_black.xlsx for encryption (not an OLE2 structured storage file); assume it is not encrypted.
ERROR Failed to open 6c7449dd411b963ac70c3933b27c5bf18799ee3852d4022a1ad2e49079201de8_black.xlsx -- probably not supported!
Traceback (most recent call last):
File "/opt/anaconda3/lib/python3.8/site-packages/oletools/olevba.py", line 4478, in process_file
vba_parser = VBA_Parser_CLI(filename, data=data, container=container,
File "/opt/anaconda3/lib/python3.8/site-packages/oletools/olevba.py", line 4030, in init
super(VBA_Parser_CLI, self).init(*args, **kwargs)
File "/opt/anaconda3/lib/python3.8/site-packages/oletools/olevba.py", line 2822, in init
raise FileOpenError(msg)
oletools.olevba.FileOpenError: Failed to open file 6c7449dd411b963ac70c3933b27c5bf18799ee3852d4022a1ad2e49079201de8_black.xlsx is not a supported file type, cannot extract VBA Macros.
DEBUG will exit now with code 5
Version information:
Additional context
Add any other context about the problem here.
The text was updated successfully, but these errors were encountered: