Qbot — Office (OOXML) / .XLSX malware analysis

Static analysis result for SHA-256 a0c6adafd3b0ed5b…

MALICIOUS

Office (OOXML) / .XLSX

Size: 23.6 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 043112e860080e4f2631851ce6be942d
SHA-1: bb734febb8b156f48c9f230e0b6de2215a875bd0
SHA-256: a0c6adafd3b0ed5b6c21d4b35077b8e627452e8f5f0650f2e443694102633e74
Risk Score: 60

Malware Insights

Qbot · confidence 90%

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', strongly indicating it is a Qbot dropper. Qbot is known for its capabilities in stealing financial information and facilitating further network compromise. The detection suggests the file is designed to execute malicious code upon opening.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0