Qbot Office (OOXML) / .XLSX malware analysis — malicious · ecc7ad7eb13fa503

MALICIOUS

Office (OOXML) / .XLSX

23.6 KB Created: 2006-09-16 00:00:00 UTC Authoring application: Microsoft Excel 14.0300

MD5: 4dff4dd05ef58be9d7a83db2056560e9 SHA-1: 430e80e31e4d729cf2f6f24ce7319d921ac9ca59 SHA-256: ecc7ad7eb13fa503938e4c595b51d8d066fba999e5976809c2359b3a93cf3dda

60 Risk Score

Malware Insights

Qbot · confidence 95%

MITRE ATT&CK

T1566.002 Phishing: Spearphishing Attachment

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', strongly indicating its role as a Qbot dropper. This type of malware typically aims to download and execute further malicious stages onto the victim's system. No specific IOCs were extracted from the provided metadata and heuristics.

Heuristics 1

ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0

Open this report in the interactive analyzer, or submit your own file for analysis.