Office (OOXML) / .XLSX malware analysis — malicious · 7dc1cd46ba2e3828

MALICIOUS

Office (OOXML) / .XLSX

21.4 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 3d3c77c8add3a3df26e4a98276c58ecf SHA-1: 3886e67ebc1d78d7710147f422a5523fd7d49168 SHA-256: 7dc1cd46ba2e3828b7c5cc0a840d344c5a1b0219d42282e50b7d70d04e6c27cd

60 Risk Score

Malware Insights

MITRE ATT&CK

T1566.002 Spearphishing Attachment

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper for other malware. As an Excel document, it likely uses macro or other embedded exploits to achieve its malicious objective, such as downloading and executing a secondary payload. Further analysis would be required to identify the specific payload and its associated IOCs.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.