Office (OOXML) / .XLSX malware analysis — malicious · be6d5c623ab6f908

MALICIOUS

Office (OOXML) / .XLSX

23.6 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: aaa5ac90039686e57f79ce19445cdc18 SHA-1: b071ebe2e223e1a78f3ba0ed15958535204fdb22 SHA-256: be6d5c623ab6f9083a195c9638a03b481c2c2c33fb3caa49ded778e1788d92aa

60 Risk Score

Malware Insights

MITRE ATT&CK

T1566.002 Phishing: Spearphishing Attachment

The file is identified as a malicious Excel document by ClamAV, specifically flagged as a dropper. This suggests its primary purpose is to download and execute a secondary stage malware. Without further script or body content, the exact payload and delivery mechanism remain unknown, but the dropper nature is clear.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.