Office (OOXML) / .XLSX malware analysis — malicious · 5491c77794041e74

MALICIOUS

Office (OOXML) / .XLSX

21.4 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: cc9e788a48d6b9142e0dc514543dc579 SHA-1: 6cdd3792b315d9ffa67ee2a4606fc0998ffb1017 SHA-256: 5491c77794041e7425bbad1650863f5b3f05ce53a820dce8053110f0de1bd44d

60 Risk Score

Malware Insights

MITRE ATT&CK

T1566.002 Phishing: Spearphishing Attachment

The file is an Excel spreadsheet identified by ClamAV as Xls.Dropper.QbotDocu12020-9818439-0. This heuristic suggests the file is a dropper, likely intended to download and execute a secondary payload upon enabling macros. No document body or scripts were extracted, limiting further analysis of the specific lure or payload delivery mechanism.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.