Overview

overview

10

Static

static

10

400d31db72...18.xls

windows7-x64

1

400d31db72...18.xls

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    400d31db725d16c6da6e61bcdb3a7b57_JaffaCakes118

  • Size

    163KB

  • MD5

    400d31db725d16c6da6e61bcdb3a7b57

  • SHA1

    ea173e4b1a23488ca59d74d17d064c6d1f4b0945

  • SHA256

    bef53d4392a84478fff0943c365e66543b804634a701fbd9128cbb4fce5d871f

  • SHA512

    bce6d639ebc4b92e2663149d09a1e0590a05a767f1db6e477e82cb756e3ad1a905947f8cdd21cde97134bbefa8a24a3e8b04ca4d891cd9687f657084a6f988be

  • SSDEEP

    3072:wHk3hbdlylKsgqopeJBWhZFGkE+cL2NdSgbvC9EM8svXRbbYUVf8FK/dDxCBciTg:Mk3hbdlylKsgqopeJBWhZFVE+W2NdSgL

Score
10/10
macroxlmwebquery

Malware Config

Extracted

Rule
Microsoft Office Webquery
C2

https://tdvomds.pw/fgwg24g24g

Signatures

  • Suspicious Office macro 1 IoCs

    Office document equipped with 4.0 macros.

    macroxlm

Files

  • 400d31db725d16c6da6e61bcdb3a7b57_JaffaCakes118
    .xls windows office2003