Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 22fd2235f3268104…

MALICIOUS

Office (OOXML) / .XLSX

21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: a06325052612e388d19753d746649e60
SHA-1: 24fe3bd22fe4ccf7e47306d8222705d0e293f7b0
SHA-256: 22fd2235f32681047acbf6db192c451eb8b5de3c2f09a270fd5c5da8cd993e3e
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper for other malware. The primary attack pattern is likely spearphishing, where this malicious Excel file is delivered as an attachment to unsuspecting users. The specific payload and execution method are not detailed in the provided evidence, but its role as a dropper is clear.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0