Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 4846dbadafac0cec…

MALICIOUS

Office (OOXML) / .XLSX

23.6 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 8b8e76ac2c1b19c72d39d4839522d9e3
SHA-1: 7c6ee05d25464c8a3b6bb77795ee7c3abb07de4f
SHA-256: 4846dbadafac0ceceecd3077cd3bb8a665ba41495f406de99f1ffef0b1945ff3
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper for other malware. The primary attack pattern is likely spearphishing attachment, aiming to trick users into opening the malicious Excel file. Further analysis would be needed to determine the specific payload and its behavior.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0