Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 1ca725ac89ce1e3d…

MALICIOUS

Office (OOXML) / .XLSX

Size: 23.6 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 40339205de31fd91f364db99593aa38f
SHA-1: 4f1a47da1272997cff5f8a642db78dc2d19c0637
SHA-256: 1ca725ac89ce1e3deadfd4e090686b099893a5dc27d35bbe4983aa6e9e35e7ba
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is an Excel document identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper. Dropper malware typically aims to download and execute additional malicious payloads. The primary attack vector is likely social engineering to convince the user to enable macros, which would then trigger the payload download.

Heuristics (1)

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0