Office (OOXML) / .XLSX malware analysis — malicious · 5697b85141e542b4

MALICIOUS

Office (OOXML) / .XLSX

21.4 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 8b6da2f17970a35303825509e5a60c41 SHA-1: cbbce8b709c73c3d3ff6b1197735f6cd690376bd SHA-256: 5697b85141e542b410156a94566105a2604869b9272ef70a5f446eb946313ba2

60 Risk Score

Malware Insights

MITRE ATT&CK

T1566.002 Phishing: Spearphishing Attachment T1204.002 Malicious File: User Execution: Malicious File

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper. This suggests the primary purpose of the Excel file is to download and execute a malicious payload. The specific family is not immediately identifiable from the provided heuristics.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.