Qbot Office (OOXML) / .XLSX malware analysis — malicious · eab0828c7f565283

MALICIOUS

Office (OOXML) / .XLSX

29.5 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: a42078a41c3c5b6f20ee4b615f4fd125 SHA-1: 625d0933747b6a3b59ff71d245264c9b97efbaf0 SHA-256: eab0828c7f565283283bd6f2aab13e8107f1ae8ad593f855a050eb4a762975de

60 Risk Score

Malware Insights

Qbot · confidence 90%

MITRE ATT&CK

T1566.002 Phishing: Spearphishing Attachment

Static analysis identified the file as an Excel document with a critical ClamAV detection signature indicating it is a Qbot dropper. The presence of this signature strongly suggests the file's purpose is to download and execute the Qbot malware. No further IOCs or document body content were available for analysis.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.