Qbot Office (OOXML) / .XLSX malware analysis — malicious · c8c4c062d1fa9235

MALICIOUS

Office (OOXML) / .XLSX

21.4 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 19ce94d9e70b3f4cce970d61c0910c7f SHA-1: 3278459996acbe9e1bd09c68346a76e2d897b057 SHA-256: c8c4c062d1fa9235fd4e364ddec48b02eb0daf3887c301415dd2113e21773267

60 Risk Score

Malware Insights

Qbot · confidence 90%

MITRE ATT&CK

T1566.002 Phishing: Spearphishing Attachment

The file is identified as a malicious Excel document by ClamAV, specifically flagged as a Qbot dropper. This indicates the document's primary purpose is to download and execute the Qbot malware. The detection signature suggests a known threat actor or family associated with this type of malicious document.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.