Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 c9ab1a03d3a8aa30…

MALICIOUS

Office (OOXML) / .XLSX

Size: 21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 93551265247725a80afbd452c08287d0
SHA-1: 05ef16328d280ecf78d26d2bc25a7ccf9f323f7d
SHA-256: c9ab1a03d3a8aa30ee5bca6832e16c2e64a2e8ca2529704c92dfcc037d548318
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is an Excel spreadsheet identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper. The primary attack vector is likely social engineering to convince the user to enable macros, which would then execute the malicious payload. No specific IOCs were extracted from this sample.

Heuristics (1)

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0