Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 539d387d3197222c…

MALICIOUS

Office (OOXML) / .XLSX

23.6 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 53fbe339788aa5365e67b881173b5aee
SHA-1: 8a2c161d342a18c1a8751aff0d1eee2b9c6e462a
SHA-256: 539d387d3197222cd34eee5b9fd3f6578beaf38395ee5d203287e65babf3bb91
60 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is an Excel spreadsheet identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper. The primary attack vector is likely social engineering to convince the user to enable macros, leading to the execution of malicious code. No further details on the payload or specific download URLs were extracted.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0