Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 50f265fdf4389c92…

MALICIOUS

Office (OOXML) / .XLSX

Size: 21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 7a4f046e20b39da83b20cd1b4cd00b1a
SHA-1: 06e07cb493d134d00aa3d48baecefedaff39761f
SHA-256: 50f265fdf4389c921d01716aaffffcd8f010129c17100373cd5ff77e0c7b999f
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is an Excel spreadsheet identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper. The primary attack pattern is likely social engineering to trick the user into enabling macros, which would then execute the malicious payload. No specific scripts or document body content were extracted for further analysis.

Heuristics (1)

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 (critical, CLAMAV_DETECTION)
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0