Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 ced750b87d00a79f…

MALICIOUS

Office (OOXML) / .XLSX

File size: 21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: d3b1bd37674aeb66c3e11abfd8d0eb76
SHA-1: 3e5dc4bf7071dc3b13d003eb34acfee0e9c0ee4c
SHA-256: ced750b87d00a79f56e00fc4905e74b0a8598ca4c9862ab3646ebf0342f99bb4
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

ClamAV identifies the file as a Qbot dropper, indicating that its primary function is to download and execute a malicious payload. No document body or scripts were extracted, but the heuristic detection strongly suggests dropper functionality. Further analysis would be required to identify the specific payload and delivery mechanism.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0