Office (OOXML) / .XLSX malware analysis — malicious · 48604e3a7f7c7397

MALICIOUS

Office (OOXML) / .XLSX

21.4 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 09a7ffeafc82751064a73b16713b451c SHA-1: d1f09536e010e6e2bfe62b752b5d86a3bb638662 SHA-256: 48604e3a7f7c73973605f192fdf05c4f1a3e0b5e33bed620a1e60bafb641b4e1

60 Risk Score

Malware Insights

MITRE ATT&CK

T1566.002 Spearphishing Attachment

The file is identified by ClamAV as a known dropper for the Qbot malware family. Its primary function is to deliver and execute a malicious payload. The specific variant detected suggests a focus on dropping malware via Office documents.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.