Office (OOXML) / .XLSX malware analysis — malicious · 3f87fc58b5fee737

MALICIOUS

Office (OOXML) / .XLSX

23.6 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 4e5fbc0398ffd64b55bbc231d30472b7 SHA-1: 852735266a3ab8effad2929cf037089317bd2d3f SHA-256: 3f87fc58b5fee737c9f3c4e7250c502c1c944c7aa130462bb10a0a0a7d8cddc7

60 Risk Score

Malware Insights

MITRE ATT&CK

T1566.002 Phishing: Spearphishing Attachment

The file is an Excel spreadsheet identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper. Dropper malware is typically used to download and execute a second-stage payload. The specific nature of the payload or its delivery mechanism could not be determined from the provided evidence.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.