Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 8ba6c862fb1a9074…

MALICIOUS

Office (OOXML) / .XLSX

Size: 29.5 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 917c09257b6737207e94ffb234712b78
SHA-1: 968e90a6eaa9ae0105872e8bf311ba3f4fd0c795
SHA-256: 8ba6c862fb1a9074326a3161530497f7e531ec201498b732931aa0ce7cea63f9
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is an Excel document identified by ClamAV as Xls.Dropper.QbotDocu12020-9818439-0, indicating it functions as a dropper. Dropper malware typically aims to download and execute additional malicious payloads. Without further script or body content, the specific delivery mechanism and ultimate payload remain unknown, but the intent is clearly malicious.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0