Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 be4195ffae2f5677…

MALICIOUS

Office (OOXML) / .XLSX

Size: 21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: bedf7919218e2f8f290e252a3693c7af
SHA-1: 4b82236dee00655d1149f88ede645d55e231c25c
SHA-256: be4195ffae2f5677466936e9ee806d581db3aab1b26a3da4e202808f15135bc7
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

ClamAV identifies the file as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating that it functions as a dropper for malicious content within an Excel document. The primary attack vector is likely social engineering to convince the user to enable macros, which would then execute the embedded malicious code. No scripts were extracted, but the heuristic strongly suggests downloader or dropper functionality.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0