Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 f3d6f7266c9a45d0…

MALICIOUS

Office (OOXML) / .XLSX

Size: 21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300

MD5: a1a0251240c171c0ead8a99a4631684f
SHA-1: bc0ed938cf8bb762be35c1a3a1f4ef7102c161fe
SHA-256: f3d6f7266c9a45d051f719fb29c623318e2127afacf18e87f098719c1e1a7d5c

Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Phishing: Spearphishing Attachment

The critical heuristic that fired indicates that this Excel file is detected as a dropper, likely Qbot. The file's purpose is to trick the user into enabling macros, which would then download and execute a secondary payload. No specific IOCs were extracted from the static analysis.

Heuristics (1)

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0