Qbot — Office (OOXML) / .XLSX malware analysis

Static analysis result for SHA-256 cfed28ebbf78d765…

MALICIOUS

Office (OOXML) / .XLSX

File size: 23.6 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 55029954207a1c406c33ea69921360e4
SHA-1: 83ccb6bc212025da4c42451877f44ea4be30e53a
SHA-256: cfed28ebbf78d7657e2fbc15fc4ce15f0bac0ded4c08f71c6bbb3d5fda1d06c8
Risk Score: 60

Malware Insights

Qbot · confidence 85%

MITRE ATT&CK
T1204 Malicious File

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', strongly suggesting it is a Qbot variant designed to drop and execute a secondary payload. No specific IOCs were extracted beyond the detection name.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0