Office (OOXML) / .XLSX malware analysis — malicious · 58b4d3a8ac81bccd

MALICIOUS

Office (OOXML) / .XLSX

29.5 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 64639bb158b49370243575f3ad2fab40 SHA-1: 48cc11df96d9ca31f2b6cc72b3eac1b4e6e44e66 SHA-256: 58b4d3a8ac81bccd822f185ac19a7ddd3e9f3bc7fbef291c3311f332eca091b5

60 Risk Score

Malware Insights

MITRE ATT&CK

T1566.002 Phishing: Spearphishing Attachment

The file is identified as a malicious Excel document by ClamAV with the signature 'Xls.Dropper.QbotDocu12020-9818439-0'. This signature suggests the file acts as a dropper, indicating its primary purpose is to download and execute a secondary malicious payload. The document's structure and the heuristic firing strongly support a phishing attack pattern where the user is tricked into opening the malicious attachment.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.