Qbot — Office (OOXML) / .XLSX malware analysis

Static analysis result for SHA-256 41aaa5186949e1a2…

MALICIOUS

Office (OOXML) / .XLSX

File size: 23.6 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 4c9696bb5268c9cd8e04301b2dcea1cd
SHA-1: 7823d455fb54a84e09699571f6428a0dd3aba195
SHA-256: 41aaa5186949e1a2c21225f6a62a241e0638c7fa5193525f3e38b5e001cfd680
Risk Score: 60

Malware Insights

Qbot · confidence 95%

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

ClamAV identifies the file as 'Xls.Dropper.QbotDocu12020-9818439-0', a known indicator for Qbot droppers. This suggests that the primary function of this XLSX file is to serve as an initial stage for delivering and executing Qbot malware. The detection strongly implies malicious intent to compromise the user's system.

Heuristics (1)

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 (critical; CLAMAV_DETECTION)
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0