Xls.Downloader.Agent08210-9888570-0 — Office (OOXML) malware analysis

Static analysis result for SHA-256 a5cdc6f4061e4dd5…

MALICIOUS

Office (OOXML)

Size: 246.7 KB
Created: 2021-05-25 21:48:16 UTC
Authoring application: Microsoft Excel 16.0300
MD5: a6c08b5930bdf8dbd647123f616d415c
SHA-1: 9d691c80477111d987dd64ffa16d4df8b6996149
SHA-256: a5cdc6f4061e4dd53da98794ef25cded26fc93c3c585ea7720054a8ead80c352
Risk Score: 60

Malware Insights

Xls.Downloader.Agent08210-9888570-0 · confidence 85%

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The file was detected by ClamAV as Xls.Downloader.Agent08210-9888570-0, indicating it functions as a downloader. While no specific scripts or URLs were extracted, the heuristic strongly suggests the Excel document's purpose is to fetch and execute a malicious payload, likely delivered via spearphishing.

Heuristics 1

  • ClamAV: Xls.Downloader.Agent08210-9888570-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Downloader.Agent08210-9888570-0