d878a7c8...3ba3 | Network
VTI SCORE: 93/100
Dynamic Analysis Report
Classification: Downloader

d878a7c8fa46c52020a07de7726a8a740d245dcf0a58355b88a054059f933ba3 (SHA256)

Mert-Obfuscated25.xlsm

Excel Document

Created at 2019-02-17 13:34:00

Network Overview

Hosts (1)
Hostname | IP Address | Location | Protocols | Reputation Status | WHOIS Data
www.mertsarica.com | 104.28.15.65 | United States | HTTPS, TCP, UDP | Unknown | Not Queried
DNS Queries (1)
Hostname | Categories | Names | Source | Reputation Status
www.mertsarica.com | - | - | PCAP | Unknown
URLs (1)
URL | Categories | Names | Source | HTTP Status Code | Reputation Status
https://www.mertsarica.com/macro.php | - | - | Function Log | - | Unknown

Connections

DNS (1)
Operation | Additional Information | Success | Count | Logfile
Resolve Name | host = www.mertsarica.com, address_out = 104.28.15.65 | True | 1 | -
TCP Sessions (1)
Information | Value
Total Data Sent | 663.30 KB
Total Data Received | 21.28 KB
Contacted Host Count | 1
Contacted Hosts | 104.28.15.65
TCP Session #1
Information | Value
Source | PCAP
Stream ID | 5
Remote Address | 104.28.15.65
Remote Port | 443
Local Address | 192.168.0.142
Local Port | 49163
Data Sent | 663.30 KB
Data Received | 21.28 KB
The per-packet entries of this session are omitted and can be found in analysis.pcap.
UDP Sessions (1)
Information | Value
Total Data Sent | 0.08 KB
Total Data Received | 0.11 KB
Contacted Host Count | 1
Contacted Hosts | 192.168.0.1
UDP Session #1
Information | Value
Source | PCAP
Stream ID | 21
Remote Address | 192.168.0.1
Remote Port | 53
Local Address | 192.168.0.142
Local Port | 53121
Data Sent | 0.08 KB
Data Received | 0.11 KB

Time | Highest Layer | Additional Information | Success
17.716590 s | DNS | Data Sent: 0.08 KB, Data Received: 0.11 KB | True
HTTP Sessions (1)
Information | Value
Total Data Sent | 0.66 KB
Total Data Received | 0.00 KB
Contacted Host Count | 1
Contacted Hosts | www.mertsarica.com
HTTP Session #1
Information | Value
Source | Function Log
User Agent | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.3; Win64; x64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729)
Server Name | www.mertsarica.com
Server Port | 443
Data Sent | 0.66 KB
Data Received | 0.00 KB

Operation | Additional Information | Success | Count | Logfile
Open Session | user_agent = Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.3; Win64; x64; Trident/7.0; .NET4.0E; .NET4.0C; .NET CLR 3.5.30729; .NET CLR 2.0.50727; .NET CLR 3.0.30729), access_type = WINHTTP_ACCESS_TYPE_NO_PROXY, proxy_name = WINHTTP_NO_PROXY_NAME, proxy_bypass = WINHTTP_NO_PROXY_BYPASS | True | 1 | Fn
Open Connection | protocol = https, server_name = www.mertsarica.com, server_port = 443 | True | 1 | Fn
Open HTTP Request | http_verb = POST, http_version = HTTP 1.1, target_resource = /macro.php | True | 1 | Fn
Send HTTP Request | url = https://www.mertsarica.com/macro.php | True | 2 | Fn