LokiBot — Office (OOXML) / .XLSX malware analysis

Static analysis result for SHA-256 e4dde813c0ddc245…

MALICIOUS

Office (OOXML) / .XLSX

Size: 460.5 KB
MD5: 87a4bea5cfca4c93cbf3bea2143b4c9f
SHA-1: 5b64408af9a18251d62bb1f106876f9643792d6e
SHA-256: e4dde813c0ddc245ef676956633e29738bc3e528a65b14e0726fc9f052add674
Risk Score: 60

Malware Insights

LokiBot · confidence 95%

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The file was detected by ClamAV as Win.Dropper.LokiBot-10024521-0, a known information-stealing malware family. LokiBot is commonly distributed via malicious Office documents, often employing social engineering tactics to trick users into enabling macros. The primary function of LokiBot is to steal credentials and sensitive information from infected systems.

Heuristics (1)

  • ClamAV: Win.Dropper.LokiBot-10024521-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Dropper.LokiBot-10024521-0