Qbot Office (OOXML) / .XLSX malware analysis — malicious · a6200733b4a7c0b6

MALICIOUS

Office (OOXML) / .XLSX

29.5 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 40c0581d5b3fbcee40fbfc8adeb5ae50 SHA-1: 976d2ea0e1c559728d056542684258cb6483cbfd SHA-256: a6200733b4a7c0b6cd5187916536eac093bf717c98565d36598a5cb6730b71b0

60 Risk Score

Malware Insights

Qbot · confidence 90%

MITRE ATT&CK

T1566.002 Phishing: Spearphishing Attachment

Static analysis identified the file as an Excel document with a critical ClamAV detection signature indicating it is a Qbot dropper. The presence of this signature strongly suggests the file's purpose is to download and execute the Qbot malware. No further IOCs or document body content were available for analysis.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.