Office (OOXML) / .XLSX malware analysis — malicious · 9850a486f2c2c36a

MALICIOUS

Office (OOXML) / .XLSX

23.6 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 838f78a2b29b8dc01b6f054cddbd130b SHA-1: 73bbb4e4753948d4833da25bc6be001434e57755 SHA-256: 9850a486f2c2c36a8e78824e27fa76dc4e47255ccd652c4fee95cd52175ab699

60 Risk Score

Malware Insights

MITRE ATT&CK

T1566.002 Phishing: Spearphishing Attachment

The file is an Excel spreadsheet identified by ClamAV as a Qbot dropper. The presence of macro-related heuristics suggests it is designed to trick the user into enabling macros, which would then likely execute a malicious payload. No specific IOCs were extracted from this sample.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.