Static task
static1
Behavioral task
behavioral1
Sample
DOC.ppt
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
DOC.ppt
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
-
Target
DOC.ppt
-
Size
141KB
-
MD5
53f09cdb89620ee0d02c006d5bdf758f
-
SHA1
caf1ff6f5563d23eac7c547f2309c0608ae3029f
-
SHA256
a9194b2dc593c73598cc95b3b1aad400910f48225e527dc61159300be44651ca
-
SHA512
60374ee268f24ce193c860caf5ccf779a94388f44923bf2ecd5ba3273dfe937c4d8f960cdd906f56eccd39a81623636a2b07c22f116de8f1ee48cbe5f89b8a94
Score
8/10
Malware Config
Signatures
-
Processes:
resource yara_rule sample office_macros -
Document created with cracked Office version 1 IoCs
Office document contains Grizli777 string known to be caused by using a cracked version of the software.
Processes:
resource yara_rule sample grizli777_cracked_office
Files
-
DOC.ppt.ppt .pps windows office2003
CAlca