Office (OOXML) / .XLSX malware analysis — malicious · 4a2d002c724f6d51

MALICIOUS

Office (OOXML) / .XLSX

21.4 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 088978b73697c0c3ba61d5be2e4d01b7 SHA-1: a57906fcf55174a9c82f43cf69017c0910a0e231 SHA-256: 4a2d002c724f6d51f67c6753134a2371762cb6354b81202deb2548c239115fba

60 Risk Score

Malware Insights

MITRE ATT&CK

T1566.002 Spearphishing Attachment

The file is an Excel document flagged by ClamAV as a known dropper, specifically 'Xls.Dropper.QbotDocu12020-9818439-0'. This indicates it is designed to download and execute a secondary payload. While no specific IOCs beyond the ClamAV signature were extracted, the heuristic strongly suggests a malicious dropper functionality.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.