Qbot Office (OOXML) / .XLSX malware analysis — malicious · 93b2249b459cdd2e

MALICIOUS

Office (OOXML) / .XLSX

23.6 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 04c4f7876ddc84308c2c2e0b3ac5b2dd SHA-1: 4f83be5eaa18994df378d0e2867931b7eede3495 SHA-256: 93b2249b459cdd2e4bfcece8e640cc9fbdc7ed6b7f608ee1e36d778d5d47299c

60 Risk Score

Malware Insights

Qbot · confidence 90%

MITRE ATT&CK

T1566.002 Phishing: Spearphishing Attachment

The file is an Excel document flagged by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', strongly indicating it is a Qbot downloader. The detection suggests the file's primary purpose is to execute malicious code, likely to download and install the Qbot malware. No further IOCs were extracted from the provided evidence.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.