Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 3a45922a2f924520…

MALICIOUS

Office (OOXML) / .XLSX

Size: 21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 38cceb03190fedd39fcef08a6534efaa
SHA-1: 97153330772c054db4d9607ccb17a400be7ba207
SHA-256: 3a45922a2f924520bb5782208cefa9f1d0f102b942cc3e26d95ef13dbff2a525
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious File

ClamAV identifies the file as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating that it functions as a dropper for a secondary payload. This detection strongly suggests that the Excel file's primary purpose is to facilitate the execution of other malware. Without further script or body content, the exact mechanism of payload delivery and execution can only be inferred.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0