Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 90549f305aefa5f6…

MALICIOUS

Office (OOXML) / .XLSX

Size: 23.6 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: eac05a9e593c850c931f65469d85a60f
SHA-1: ff1b56308e3ab2005339e82aa3f0d789fe56b3dc
SHA-256: 90549f305aefa5f67fc7682c32d6fd771702e1e0493197d3038968320901264e
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is an Excel document flagged by ClamAV as a dropper, indicating it is designed to download and execute other malware. The presence of macro-related heuristics suggests the document likely attempts to trick the user into enabling macros to initiate the malicious payload delivery. No specific family could be identified, but the dropper functionality is clear.

Heuristics (1)

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0