Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 26dc3d4dcc7ff4bc…

MALICIOUS

Office (OOXML) / .XLSX

Size: 21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 4f435c0ed98fdeb85fafb35563f8e798
SHA-1: ebe42f1d8569c5e8ef0b2bef5c6390fae31947dc
SHA-256: 26dc3d4dcc7ff4bc49267e138be9222203d32ac0f0008d3c7779191e31422bba
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is an Excel spreadsheet identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper. The primary attack pattern involves tricking the user into enabling macros to initiate the malicious payload download and execution. No specific scripts or document body content were extracted for further analysis.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0