Qbot Office (OOXML) / .XLSX malware analysis — malicious · 4d0b612500cd3e37

MALICIOUS

Office (OOXML) / .XLSX

21.4 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 532a778ef7cac7cd33f31bf771bab64e SHA-1: 01957a8bed97ad072c5da0750972bbe64cf276bb SHA-256: 4d0b612500cd3e37843e49c44d6d0edd0a44adf33a21e933bde9a86d803427c4

60 Risk Score

Malware Insights

Qbot · confidence 95%

MITRE ATT&CK

T1204 Malicious File

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', strongly indicating it is a Qbot variant designed to drop a secondary payload. The file type is an Excel spreadsheet, consistent with Qbot's common delivery methods. No further script or document body analysis was available to provide more specific IOCs or attack details.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.