Qbot — Office (OOXML) / .XLSX malware analysis

Static analysis result for SHA-256 5a1140e46df0531d…

MALICIOUS

Office (OOXML) / .XLSX

Size: 29.5 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 8d77f66dcffbd827e3d4b478fdd3f79e
SHA-1: 1a5daefeca6ca3a64b7b6b3c57ffad0881f589dc
SHA-256: 5a1140e46df0531da48e475ec246ad476df622a31df3ea3bc36057549f4dbc69
Risk Score: 60

Malware Insights

Qbot · confidence 90%

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', strongly indicating its role as a Qbot dropper. This type of malware typically aims to download and execute further malicious stages onto the victim's system. No specific IOCs were extracted from the provided metadata and heuristics.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0