Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 dbb01930ac71242d…

MALICIOUS

Office (OOXML) / .XLSX

Size: 23.6 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 1caefab62010fbc0fd08d260578cf630
SHA-1: 7e0913e37b31cdf5b1e10069035d80da83359b31
SHA-256: dbb01930ac71242dd8653dbea63be674175726c6b8c4aca28a6bcbb84a8c78c8
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper for other malware. The primary attack pattern is likely spearphishing, where the malicious Excel file is delivered as an attachment to trick users into opening it. No further details on the dropped payload or specific execution methods were available from the static analysis.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0