Qbot Office (OOXML) / .XLSX malware analysis — malicious · b6247669b0be05db

MALICIOUS

Office (OOXML) / .XLSX

23.6 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 007d66cf2c79bde3904548f8caa7e33a SHA-1: b045c52499e623e3a79d3c490f20298ac62aaafa SHA-256: b6247669b0be05dbf072bba7a52321d70a0fc0bbe2eeaec4c6eab98e0324b610

60 Risk Score

Malware Insights

Qbot · confidence 90%

MITRE ATT&CK

T1566.002 Phishing: Spearphishing Attachment

Static analysis identified the file as a Qbot dropper based on ClamAV heuristics. This type of malware is typically used to download and execute further malicious stages, often through phishing lures. No specific IOCs were extracted from this sample.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.