Xls.Downloader.Agent08210-9888570-0 — Office (OOXML) malware analysis

Static analysis result for SHA-256 0c1eb5427569a94e…

MALICIOUS

Office (OOXML)

Size: 246.7 KB
Created: 2021-05-25 21:48:16 UTC
Authoring application: Microsoft Excel 16.0300
First seen: 2021-07-13
MD5: 006cf861eebc70196a203d1dda8e2857
SHA-1: f3cb32e5ed64a2480fda6cfc7554e60dfa1868d4
SHA-256: 0c1eb5427569a94ebea85f38270a14ed95c0f6e9bb5b586feec6a91fdce1a069
Risk Score: 60

Malware Insights

Xls.Downloader.Agent08210-9888570-0 · confidence 90%

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The file was detected by ClamAV as Xls.Downloader.Agent08210-9888570-0, indicating it functions as a downloader. The document body contains what appears to be encoded data or script fragments, suggesting it is designed to execute malicious code. The primary function is likely to download and execute a second-stage payload.

Heuristics 1

  • ClamAV: Xls.Downloader.Agent08210-9888570-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Downloader.Agent08210-9888570-0