Office (OOXML) / .XLSX malware analysis — malicious · bd9b76083bdef38a

MALICIOUS

Office (OOXML) / .XLSX

21.4 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 8a165186eee41322452165c29eb72026 SHA-1: 04f23c42f13f419245d1e2aef9d5f7d9198cfb02 SHA-256: bd9b76083bdef38a0ecf62287b9ea7133310daa9d8db31f12c0c367563211a96

60 Risk Score

Malware Insights

MITRE ATT&CK

T1566.002 Phishing: Spearphishing Attachment

The file is identified as a malicious Excel document by ClamAV, specifically flagged as a dropper. This indicates its primary function is to download and execute a secondary malicious payload. The SHA256 hash is included as a primary indicator of compromise.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.