Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 888d8b7cf08e4032…

MALICIOUS

Office (OOXML) / .XLSX

Size: 21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 4d358e27c55b48cf5dbf99b63d545394
SHA-1: 2b98558499cb0e080dfc34a48e2c6e70cbe9a2a9
SHA-256: 888d8b7cf08e40320a2923df777cfb18b78ebdd68784bd44c797d458c457d289
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1204 Malicious File Execution

The file is an Office document identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating its function as a dropper. While no specific document body or scripts were extracted, the heuristic detection strongly suggests the file's purpose is to deliver and execute additional malicious content. The SHA256 hash is included as a primary indicator.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0