Qbot — Office (OOXML) / .XLSX malware analysis

Static analysis result for SHA-256 c3575915c0e3e5e6…

MALICIOUS

Office (OOXML) / .XLSX

21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 0e76b05e36f9ab2ed59cdaa901e1b700
SHA-1: 9131400710ddc3ec7ec232e4dc119f4a21510e32
SHA-256: c3575915c0e3e5e6661593555199a949a1cf363525a48c35349e5025df08d185
60 Risk Score

Malware Insights

Qbot · confidence 95%

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is an Excel document identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', strongly indicating it is a Qbot dropper. The primary function is to deliver the Qbot malware to the victim's system. No further details on the delivery mechanism or specific IOCs beyond the file hash were extracted.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0