Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 40ce1ccae112b16b…

MALICIOUS

Office (OOXML) / .XLSX

File size: 21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 6d9ae9c44f3aae6425e1b12a08be1ddb
SHA-1: 08e6110f2d542775487f92ace6e46a19c9829301
SHA-256: 40ce1ccae112b16b986a0ecb45c2c4b7b4e237d9b0b228ebed8e08f6bd4351e4
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1204 Malicious File Execution

The file is identified as a malicious Excel document by ClamAV, specifically flagged as a dropper. While no specific document body or scripts were extracted, the heuristic strongly suggests the file's purpose is to initiate the download and execution of further malicious content. The lack of other extracted artifacts limits further analysis of the specific attack vector.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0