Qbot — Office (OOXML) / .XLSX malware analysis

Static analysis result for SHA-256 83bf8ad332935b10…

MALICIOUS

Office (OOXML) / .XLSX

23.6 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: d1394c6907c3d986ec3582ba405154c3
SHA-1: be27e5973a1546b62c550ea0a176900cc0d2d645
SHA-256: 83bf8ad332935b103af601cfdc8bcaf372d1ee78851515271b795d9a9f12da65
60 Risk Score

Malware Insights

Qbot · confidence 85%

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is an Excel document identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', strongly indicating it is a Qbot downloader. The document's purpose is to execute malicious code, likely leading to the download and installation of the Qbot malware. No further IOCs were extracted from the provided evidence.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0