Office (OOXML) / .XLSX malware analysis — malicious · 2ec6665171db301b

MALICIOUS

Office (OOXML) / .XLSX

21.4 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 5a35982aed2d319c853518360c3374ab SHA-1: 788a9629aac190fd4ed2ec557d9dea5277acd19b SHA-256: 2ec6665171db301bf4bd1b1ddb709ecb140e3cac1e4ffc4b1cbc00d4c2d925f3

60 Risk Score

Malware Insights

MITRE ATT&CK

T1204 Malicious Link

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', strongly indicating its function as a dropper for other malware. While no specific document body or scripts were extracted, the detection name suggests it is designed to download and execute a secondary payload, likely Qbot or a related variant.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.