Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 8a6949e2f544e9a3…

MALICIOUS

Office (OOXML) / .XLSX

Size: 21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 77a5c918d1417d406f0ef37eba9c6f10
SHA-1: febc0d7d8a84322b27abf809f861a28a017dd26c
SHA-256: 8a6949e2f544e9a35c3ce546079e05cb201da5d2eb1433e663b5d52e8ae7a0cc
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1204 Malicious File Execution
  • T1566 Phishing

The file is an Excel document identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper. Dropper malware is typically used to download and execute further malicious payloads. Without additional script or body content, the exact nature of the payload cannot be determined, but the intent is clearly malicious execution.

Heuristics (1)

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 [critical] [CLAMAV_DETECTION]
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0