Qbot Office (OOXML) / .XLSX malware analysis — malicious · 909bd24e765fbc63

MALICIOUS

Office (OOXML) / .XLSX

23.6 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 082a8470a5507e61bd147ea0d96f1b7b SHA-1: e8c41c2a4bcc52ded7d0e85f1cf20442a3dbe0fd SHA-256: 909bd24e765fbc63799df06963ef1b6efa9980968f7e83e551941e188b39621d

60 Risk Score

Malware Insights

Qbot · confidence 95%

MITRE ATT&CK

T1204 Malicious File Execution

The file is identified by ClamAV as Xls.Dropper.QbotDocu12020-9818439-0, indicating it functions as a dropper for the Qbot malware family. The primary function is to deliver and execute a secondary malicious payload. The detection signature strongly suggests the malware's intent.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.