Qbot — Office (OOXML) / .XLSX malware analysis

Static analysis result for SHA-256 9992928c96e6bc36…

MALICIOUS

Office (OOXML) / .XLSX

23.6 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: c4983986ab6989872cd0d1e9ca0f767a
SHA-1: 3eb7cec40bcbe23ac4e04f4105bfe3bd09bb4c89
SHA-256: 9992928c96e6bc363925d35e381cbb8fc484cece55d0b80a8708ab876cf2ffae
60 Risk Score

Malware Insights

Qbot · confidence 85%

MITRE ATT&CK
T1204 Malicious File

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', strongly suggesting it is a Qbot dropper. As an Excel document, it likely uses macros or other embedded content to initiate the malicious payload delivery. Further analysis would be required to confirm the exact execution chain.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0