Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 1ed65f0a00f5a5f0…

MALICIOUS

Office (OOXML) / .XLSX

Size: 21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: efbff3fbc25bfac67d3b648786b96814
SHA-1: a83e3b2322336220fd81687b23720d6863af806e
SHA-256: 1ed65f0a00f5a5f0a26cdd0faf4d5c60541bb5ccb4b015c440225cc3003c06f0
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The file is an Excel document identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper. Dropper malware is typically used to download and execute further malicious payloads. Without additional script or body content, the exact nature of the payload cannot be determined, but its primary function is to facilitate the execution of other malware.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0