Qbot — Office (OOXML) / .XLSX malware analysis

Static analysis result for SHA-256 bedb9c515955f780…

MALICIOUS

Office (OOXML) / .XLSX

Size: 21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: e353319dbb358c2a9ff7d5a592153ea2
SHA-1: ed5b7b8381f02656d89e0f96c2e71a494cf5e915
SHA-256: bedb9c515955f780dde014771dc0bc70e30b7b29ae2c59165364e634cfe13522
Risk Score: 60

Malware Insights

Qbot · confidence 95%

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', strongly indicating its function as a Qbot dropper. This type of malware typically aims to download and execute further malicious stages onto the victim's system. No specific IOCs were extracted from the provided metadata and heuristics.

Heuristics (1)

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 [critical] [CLAMAV_DETECTION]
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0