Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 416061fc275e421b…

MALICIOUS

Office (OOXML) / .XLSX

21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: dd8093c38a032054fd6d251dbb6248ac
SHA-1: d9298fc5bd69dcbc3a2f8f30ca51e6d1d96d82a3
SHA-256: 416061fc275e421bcb7e39b2271701ca73d182177cd9aafea52ba2de63d75338
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious File

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper for other malware. The document's structure and metadata suggest it is intended to be delivered via email as an attachment, leading the user to open it and trigger the malicious payload. No specific scripts or document body content were extracted for further analysis.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0