Qbot — Office (OOXML) / .XLSX malware analysis

Static analysis result for SHA-256 579dc5fffc5f8fd4…

MALICIOUS

Office (OOXML) / .XLSX

File size: 23.6 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 979051aa200e544b2f565691c83cfb31
SHA-1: 0c647f1ca9f02d9c22a6d50fc3274b78f04c8e98
SHA-256: 579dc5fffc5f8fd4e5897276955c547258d99e2c68457c3de99798582a6bc0d8
Risk Score: 60

Malware Insights

Qbot · confidence 85%

MITRE ATT&CK
T1204 Malicious File Execution

The ClamAV heuristic 'Xls.Dropper.QbotDocu12020-9818439-0' strongly suggests this Excel file is a dropper for the Qbot malware family. Dropper malware typically aims to download and execute additional malicious payloads on the victim's system. While no specific IOCs were extracted, the detection itself is a high-confidence indicator of malicious intent.

Heuristics (1)

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0