Office (OOXML) / .XLSX malware analysis — malicious · cd0303843298bc1d

MALICIOUS

Office (OOXML) / .XLSX

21.4 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: f16e1cfcaf907e5bc5796e9d9b99d31f SHA-1: f92ba339de9ebe61f4ec0e1172a66eb99fdd1b87 SHA-256: cd0303843298bc1dd22d3b805e56a50b5d5fbaeab885b2615bc66cdb1521a961

60 Risk Score

Malware Insights

MITRE ATT&CK

T1566.002 Phishing: Spearphishing Attachment

The file is an Excel spreadsheet identified by ClamAV as Xls.Dropper.QbotDocu12020-9818439-0. This heuristic suggests the file is a dropper, likely intended to download and execute a secondary payload upon user interaction, such as enabling macros. No further details on the payload or specific delivery mechanism were extracted.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.