Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 7cc7a2b045f25f61…

MALICIOUS

Office (OOXML) / .XLSX

23.6 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 61aefd779615085cf1a1e13276fba490
SHA-1: 788f2b54578d881abd2d803e1e0436f689e5dd2e
SHA-256: 7cc7a2b045f25f61f5ffc8edd9e2af3acf565316531c58a0d485bcc672cb1114
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', strongly indicating its function as a dropper for other malware. The presence of this signature suggests the Excel file's primary purpose is to download and execute a malicious payload, likely Qbot or a related variant, upon opening.

Heuristics (1)

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0