Office (OOXML) / .XLSX malware analysis — malicious · 2b99935165cb44c1

MALICIOUS

Office (OOXML) / .XLSX

23.6 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 98d42af24295b19501b4949f304b9901 SHA-1: e5642801ae096044700f6a7ca62cc72c57b7b150 SHA-256: 2b99935165cb44c18208d969e95dd5af684e528dbd7ea8fd2c4685f19fa2492f

60 Risk Score

Malware Insights

MITRE ATT&CK

T1566.002 Spearphishing Attachment

The file is an Excel document identified by ClamAV as Xls.Dropper.QbotDocu12020-9818439-0, indicating it functions as a dropper. The primary attack pattern is likely social engineering to trick the user into enabling macros, which would then download and execute a malicious payload. No specific scripts or document body content were extracted for further analysis.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.