Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 57aeb70a112d7380…

MALICIOUS

Office (OOXML) / .XLSX

Size: 21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 931935feb42bedf83c6c4698c7a49784
SHA-1: bf9d37d3480db7d5885ded0cd2746df2a257a341
SHA-256: 57aeb70a112d738057c5357578a47d4ca82075bad3d69d6b80f56a313a4a5c5a
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is an Excel spreadsheet identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper. The primary attack pattern involves tricking the user into enabling macros to initiate a malicious download and execution chain. No specific family could be confidently identified from the provided heuristics.

Heuristics (1)

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0