Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 20d2a6dbe5506394…

MALICIOUS

Office (OOXML) / .XLSX

Size: 21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 5ae9bf23ede29a2ef4de03e09b4d742a
SHA-1: 5c5ab17ed98d11a29d6d264f6ce2fbc22e64952c
SHA-256: 20d2a6dbe55063943f3052a6c23756214f9abf6a5f708cf6923bc904fe4f23ae
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper. Dropper malware is typically used to download and execute further malicious payloads. Without additional script or body content, the exact nature of the payload and its delivery mechanism cannot be determined.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 (severity: critical, rule: CLAMAV_DETECTION)
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0