Behavioral task: behavioral1
Sample: Gestion de Stock sous Excel.xls
Resource: win7-20240221-en
11 signatures
150 seconds

Behavioral task: behavioral2
Sample: Gestion de Stock sous Excel.xls
Resource: win10v2004-20240426-en
10 signatures
150 seconds
General
Target: 502081f4dae86e0230b0666e3611a346_JaffaCakes118
Size: 1.8MB
MD5: 502081f4dae86e0230b0666e3611a346
SHA1: 9651bc475e64c022c16f2c59028a04cd7eb2e943
SHA256: 2d1260b6b5b4e03e76c89aa4ec1c8228b7380beda7c9cb700e8e7fce5b552688
SHA512: ca648f40168c8bb7ea6ca5a6796147315f20fad22ebca78c87e16ddd01a0b99bae55dcb50e8a0ab16e1f60cbbdea95a20b70ba108c24477cff6b8e7621632fb4
SSDEEP: 49152:Tl0W/3+/jawRkxMV+tbZdHk3ELDCEuJMXA94J:TZf+XVsbZSU3yMXZJ
Score: 10/10
Malware Config
Extracted
Rule: Microsoft Office Webquery
C2: http://www.xlexe.com/versiongse.php
Signatures
Office macro that triggers on suspicious action (1 IoCs)
Office document macro which triggers in special circumstances - often malicious.
resource yara_rule static1/unpack001/Gestion de Stock sous Excel.xls office_macro_on_action -
resource static1/unpack001/Gestion de Stock sous Excel.xls
Files
502081f4dae86e0230b0666e3611a346_JaffaCakes118.zip
A lire avant toute utilisation de GSE.txt
Gestion de Stock sous Excel.xls.xls windows office2003
Feuil14
ThisWorkbook
Feuil2
Feuil3
Feuil6
Macros_1
USF_ACCUEIL
USF_AJOUT
USF_SORTIE
USF_INVENTAIRE
USF_NVX_PRODUIT
Feuil5
USF_RAZ
USF_AIDE
USF_VALIDATION
USF_MODIFICATION
Variables
Feuil9
USF_RESEAUX
USF_PASS
Feuil8
USF_DEMARRAGE
Feuil10
Feuil7
Feuil1
Feuil11
Feuil4
Macros_2
Feuil18
USF_BARRE
Feuil12
USF_ERREUR
USF_MAINTENANCE
Feuil13
USF_CALENDRIER
USF_INVENT_SELECTION
USF_INV_STOCK
USF_SELECTION
USF_LANGUE
USF_QUITTER
Fonctions
USF_PERIM
USF_SUPPRESSION
USF_INFORMATION
USF_IMPORT
USF_INV_DATE
Module_WebCAM
Feuil15
USF_RETOUR
Feuil16
Stockage
Feuil17
References
USF_TEL_IMAGE
USF_IMAGE
Etats
USF_FICHES
USF_PARAMETRES
Mod_Scan
F_Arbo
Module_com
W_Admin
USF_INV_LOTS
Feuil19
USF_INV_LOT_EST
Feuil20
Mysql
Module1
USF_MSQL
M_MouseWheelHook
USF_CAPTURE