Office (OOXML) / .XLSX malware analysis — malicious · 9516c23a6593326d

MALICIOUS

Office (OOXML) / .XLSX

29.5 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 217ccfbb24b7a9c84fdb18eb4dcebbdc SHA-1: 1f3fd0ab49da5f35def7d55868a877fdc9959f00 SHA-256: 9516c23a6593326dee86a84615de3397547fb3e0b6fb0cf5d28dfe90ae7f37b2

60 Risk Score

Malware Insights

MITRE ATT&CK

T1566.002 Spearphishing Attachment

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', a known dropper signature. This indicates the Excel file's primary purpose is to download and execute a malicious payload. Without further script or body content, the exact execution chain and final payload remain undetermined.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.