Office (OOXML) / .XLSX malware analysis — malicious · ac8a8fb863d89747

MALICIOUS

Office (OOXML) / .XLSX

29.5 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 3a3d26eaf1f2755fc68b473870a3bfef SHA-1: c46b3bed6c14bfe4a78ebe1125f9472738d468f9 SHA-256: ac8a8fb863d89747369b841e50f8d6587403a5a890978b951d73710ea6aa175c

60 Risk Score

Malware Insights

MITRE ATT&CK

T1566.002 Phishing: Spearphishing Attachment

The critical ClamAV heuristic identifies this Excel file as a dropper, specifically 'Xls.Dropper.QbotDocu12020-9818439-0'. This suggests the primary function of the document is to download and execute a malicious payload. As no document body or scripts were extracted, the exact nature of the lure or payload delivery mechanism cannot be determined from the provided evidence.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.