Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 1f831411dff9ce1f…

MALICIOUS

Office (OOXML) / .XLSX

Size: 23.6 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: d2888869e23de735926b3483de356294
SHA-1: ef9e023279c689d6deed689dacbf43f950dc535c
SHA-256: 1f831411dff9ce1f2f19b7102e8b8ba77ebb631aff6eb8aedbff6936b81a590b
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

ClamAV identifies the file as 'Xls.Dropper.QbotDocu12020-9818439-0', which indicates that it functions as a dropper. No document body or scripts were extracted, but the detection signature strongly suggests the file's purpose is to download and execute additional malicious content. Because no further details are available, the family assessment should be treated with caution.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0