Office (OOXML) / .XLSX malware analysis — malicious · 25d48636c0295a16

MALICIOUS

Office (OOXML) / .XLSX

23.6 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 69cf9788bbbc628c214d1a774bec53ad SHA-1: f4ab6297c6a01613be1aebcdf2ba29f0914a7aba SHA-256: 25d48636c0295a16159b697197dd6553adb2e86bfba00bb4b7014ee29aedfd6a

60 Risk Score

Malware Insights

MITRE ATT&CK

T1566.002 Spearphishing Attachment

Static analysis identified the file as a malicious Excel document. The ClamAV heuristic firing, 'Xls.Dropper.QbotDocu12020-9818439-0', strongly suggests this file is a dropper. Dropper malware is typically used to download and execute a secondary, more potent payload. The file's purpose is therefore to act as an initial infection vector.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.