Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 5681a8f6414087da…

MALICIOUS

Office (OOXML) / .XLSX

Size: 23.6 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: a00931e943ef027d77dd4b95c878d98d
SHA-1: 63b23c0cace1b1de3f2c5b488b876421c5c15aef
SHA-256: 5681a8f6414087dacf3796fe7b679c652b481571604770c6c5b1b464f736d113
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is an Excel spreadsheet identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper. The heuristic firing suggests the file is designed to execute malicious code, likely through macro execution, to download and install further malware. No specific document body or script content was provided for further analysis.

Heuristics (1)

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0