Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 9668d2a1938bd26c…

MALICIOUS

Office (OOXML) / .XLSX

File size: 23.6 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 8bccd318ea778549d23290f1f7eb2153
SHA-1: cb2c0032b3f6f1e0d80f6a3363931d4ead4eb51a
SHA-256: 9668d2a1938bd26c8973230e579ff99a92487e14322a45a0ee2674754591ad85
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

ClamAV identifies the file as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating that it functions as a dropper. The OOXML format suggests it is likely an Excel file intended to abuse macros. The primary attack vector is likely social engineering: the user is convinced to enable macros, which leads to the execution of a secondary payload.

Heuristics (1)

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 (critical, CLAMAV_DETECTION)
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0