Static task
static1
Behavioral task
behavioral1
Sample
25.pps
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
25.pps
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
-
Target
25.pps
-
Size
143KB
-
MD5
c475bbc0142c89758cb3f15625f5dee7
-
SHA1
eea1ff58d1a0b6a471f9a34d97b102c2cd0a3431
-
SHA256
7df670fa6de80e87fa03dfba84f5777054d5a55737f8fce07679a637342250a3
-
SHA512
241a3575dd78dcc2b4f20d20a46f53f4910c7e613ba1dba87b5dd7c9aaa4cc5ebf83784c2560e60fee5ad11732cb3a36a445a6cc82ae851e10367fbbdda8ad9f
Score
8/10
Malware Config
Signatures
-
Processes:
resource yara_rule sample office_macros -
Document created with cracked Office version 1 IoCs
Office document contains Grizli777 string known to be caused by using a cracked version of the software.
Processes:
resource yara_rule sample grizli777_cracked_office
Files
-
25.pps.pps windows office2003
CAlca