Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 4b6959ff22dd9c75…

MALICIOUS

Office (OOXML) / .XLSX

23.6 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 4229b5418197447f9b22621b851babdd
SHA-1: e674be2f0c53c96fcedad9bc298481d908492529
SHA-256: 4b6959ff22dd9c75bc1c3fe82daac42fc1ec39dc37314bc47197d86ef70dfe59
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is an Excel document identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper. The primary attack vector is likely social engineering to convince the user to enable macros, which would then initiate the malicious payload execution. No specific scripts or document body content were extracted for further analysis.

Heuristics (1)

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0