Office (OOXML) / .XLSX malware analysis — malicious · b7b2bf4362f01738

MALICIOUS

Office (OOXML) / .XLSX

23.6 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: ba0538a1504c5f0d8c4a5c366963d461 SHA-1: 235fc838c4b64df9d61f8a0fcf7085e88041f3d5 SHA-256: b7b2bf4362f0173851647c8abc71869e6096287b9d1c34b8d7cc6a1503e3de64

60 Risk Score

Malware Insights

MITRE ATT&CK

T1204 Malicious File T1204.002 Malicious File: User Execution

The file is an Excel document identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0'. This detection strongly suggests the file's purpose is to act as a dropper, initiating the download and execution of additional malicious content. The specific dropper behavior indicates a high likelihood of a multi-stage attack.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.