Qbot Office (OOXML) / .XLSX malware analysis — malicious · b74d8c2ecb0e920d

MALICIOUS

Office (OOXML) / .XLSX

23.6 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 298cfc18654d68714b3932202c9eb6ff SHA-1: a0fe31956342e1c017411ec8e52320d38eb59e2e SHA-256: b74d8c2ecb0e920dc1364100de63abc045d0c9b1bf2d742838fa9ec31be9fea4

60 Risk Score

Malware Insights

Qbot · confidence 95%

MITRE ATT&CK

T1566.002 Spearphishing Attachment

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', strongly indicating its function as a dropper for Qbot malware. The detection suggests the Excel file is designed to deliver a malicious payload, likely through a macro or exploit, to the victim's system.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.