Malicious Office (OOXML) / .XLSX — malware analysis report

Static analysis result for SHA-256 f528c9a5c890c117…

MALICIOUS

Office (OOXML) / .XLSX

21.4 KB
Created: 2006-09-16 00:00:00 UTC
Authoring application: Microsoft Excel 14.0300
MD5: 986c9ee6fa08cd99131a5a2242d02373
SHA-1: 5d68f8109bf2e68363b37783f231e556e473ed7e
SHA-256: f528c9a5c890c1173dbea84c809dfaee703860a1a48c27e0b3c940fd776041a1
60 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The file is identified by ClamAV as 'Xls.Dropper.QbotDocu12020-9818439-0', indicating it functions as a dropper for malicious content. While no specific document body or scripts were extracted, the detection strongly suggests this Excel file is part of an initial access chain, likely delivered via spearphishing.

Heuristics 1

  • ClamAV: Xls.Dropper.QbotDocu12020-9818439-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Xls.Dropper.QbotDocu12020-9818439-0