Qbot Office (OOXML) / .XLSX malware analysis — malicious · c2a34465a9caf382

MALICIOUS

Office (OOXML) / .XLSX

21.4 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 87f3252faa75113ee89db046640ef91b SHA-1: c876477c50e71ae1b8104a5856cdebc9556b6b08 SHA-256: c2a34465a9caf3824518e5dcad6993ae2e057e13779481e4a0d7d01693ffdada

60 Risk Score

Malware Insights

Qbot · confidence 95%

MITRE ATT&CK

T1566.002 Phishing: Spearphishing Attachment

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', strongly indicating its role as a Qbot dropper. This type of malware typically aims to download and execute further malicious stages onto the victim's system. No specific IOCs were extracted from the provided metadata and heuristics.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.