Office (OOXML) / .XLSX malware analysis — malicious · 3d5aba60cf895909

MALICIOUS

Office (OOXML) / .XLSX

29.5 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 082e502fde340eb0ff41839b12a3629f SHA-1: 293b4829c82fce7da3bece2acf50acd18bb98958 SHA-256: 3d5aba60cf89590960a9005221a264058e6a9c7ba0537712263f640b1b3e3fcf

60 Risk Score

Malware Insights

MITRE ATT&CK

T1566.002 Spearphishing Attachment

The file is an Excel spreadsheet identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper. The primary attack vector is likely social engineering to convince the user to enable macros, which would then execute malicious code. No specific IOCs were extracted, but the heuristic strongly suggests a downloader or dropper functionality.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.