Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 91d824657ee3afeb…

MALICIOUS

Office (OOXML) / .XLSX

File size: 21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: ee3d8bab1d96f308bc0a1c0b56d63ff5
SHA-1: e8dbd3ad0eb70fdee669b03e3b16dd69b96f605b
SHA-256: 91d824657ee3afebdd59ca1267a04cac167df71b64cd85ea2e37b25d1ead0c92
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The file is identified by ClamAV as a dropper, specifically 'Xls.Dropper.QbotDocu12020-9818439-0'. This suggests its primary function is to download and execute additional malicious content. As no document body or scripts were extracted, the specific delivery mechanism and payload remain unknown, leading to a moderate confidence level.

Heuristics (1)

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0