Qbot Office (OOXML) / .XLSX malware analysis — malicious · 5116d278983b9fd4

MALICIOUS

Office (OOXML) / .XLSX

23.6 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 57782709b7d644e270ca07edf7e7fc35 SHA-1: 81314755c093015fd758c96a6cfce8234803a8b1 SHA-256: 5116d278983b9fd4353b79d433b7cb3439954a7880bba7ab6ffa8815bef08570

60 Risk Score

Malware Insights

Qbot · confidence 90%

MITRE ATT&CK

T1566.002 Phishing: Spearphishing Attachment

The ClamAV heuristic 'Xls.Dropper.QbotDocu12020-9818439-0' strongly indicates this XLSX file is a Qbot dropper. Qbot droppers are typically used to download and execute further malicious payloads on a victim's system. No specific IOCs were extracted from the provided metadata and heuristics.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.