Qbot — Office (OOXML) / .XLSX malware analysis

Static analysis result for SHA-256 96a48260034cab14…

MALICIOUS

Office (OOXML) / .XLSX

Size: 29.5 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 07357fdd28a87ac1c8855f078899554e
SHA-1: 08d5cf58f79cbd15cdddb38b3506f637c222caf0
SHA-256: 96a48260034cab14874fa6abb018f511364224fbf4f5c6c35ed264a286da85c8
Risk Score: 60

Malware Insights

Qbot · confidence 90%

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The ClamAV heuristic 'Xls.Dropper.QbotDocu12020-9818439-0' strongly indicates this Excel file is a Qbot dropper. Qbot is known to be distributed via malicious Office documents, often using social engineering to trick users into enabling macros. This file likely serves as an initial infection vector.

Heuristics (1)

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0