Qbot — Office (OOXML) / .XLSX malware analysis

Static analysis result for SHA-256 abc9aae4e9190bd8…

MALICIOUS

Office (OOXML) / .XLSX

File size: 23.6 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: e60e0126d0e13b558598bb449d487b5e
SHA-1: df6c48a3880b170904154f21a0ef3e6e420eda26
SHA-256: abc9aae4e9190bd8e3e0168568e5f017236527e3c33975a1e7443ee54c7a122f
Risk Score: 60

Malware Insights

Qbot · confidence 90%

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The file was detected by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', strongly indicating its role as a Qbot dropper. This type of malware is typically delivered via malicious attachments, aiming to download and execute further stages of the attack. No specific IOCs were extracted beyond the detection signature.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0