Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 3661974fc62db819…

MALICIOUS

Office (OOXML) / .XLSX

21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 54664038a7e40cdbcff207519a58196a
SHA-1: cc85622916324de09d4222ea3a1d0d43afb9ff19
SHA-256: 3661974fc62db819f1c054e63af6d557311d4f66b69e5e75f3773074aa7b9d7a
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The file is an Excel spreadsheet identified by ClamAV as Xls.Dropper.QbotDocu12020-9818439-0, indicating it functions as a dropper. The primary attack vector is likely social engineering to convince the user to enable macros, which would then execute the malicious payload. No VBA scripts or document body text were extracted, limiting further analysis of the specific payload delivery mechanism.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0