Qbot — Office (OOXML) / .XLSX malware analysis

Static analysis result for SHA-256 30486309ab7757e6…

MALICIOUS

Office (OOXML) / .XLSX

Size: 21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 933d2530fa03b64107f0005fe8b033e0
SHA-1: 460827c95a3979c118caf4ba6c893f4311781da5
SHA-256: 30486309ab7757e69664a0c3ce25d2bf9245bf957f03bc61d94dc59249063c19
Risk Score: 60

Malware Insights

Qbot · confidence 85%

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is an Excel document identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', strongly suggesting it is a Qbot downloader. The document's metadata indicates it was created in 2006, which is unusually old for modern Qbot variants, but the detection name is specific. No further IOCs or scripts were extracted for detailed analysis.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0