Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 90342ea1a089f12b…

MALICIOUS

Office (OOXML) / .XLSX

21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 000f5ba2cab7c3403a25ee133e81c0e4
SHA-1: b331f22159c8c5f1b11b489a6e277ad19192879a
SHA-256: 90342ea1a089f12b58386be7c9223c9eda0999b24917499f096ed64b8ba74f76
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating that it functions as a dropper for other malware. While no specific document body or scripts were extracted, the detection strongly suggests that the Excel file is designed either to lure the user into enabling macros or to exploit a vulnerability in order to download and execute a malicious payload.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0