Overview

overview

10

Static

static

8

0a05b3c30c...de.pps

windows7_x64

10

0a05b3c30c...de.pps

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    aef3c7aa3a68afaa0b1a3540b0952b52.zip

  • Size

    49KB

  • MD5

    bdbc3b20176bd0ed00203331f4f7b23d

  • SHA1

    7285292a0b2134c2d800864aa6b474f8df79ff23

  • SHA256

    3e837fe40cee5e3aebd0e060fc575adeee8a65799162b8f16abbe48054eb752d

  • SHA512

    b44d12e068fcd8d91c3a3805e0cf6976c1e29772ea0836a9ffb8e442195d89ffc3cb11ed39e512667a9534f8e12d28c365ab201ee78f571e395536c17e83c4e3

Score
8/10
macroxlm

Malware Config

Signatures

  • Suspicious Office macro 2 IoCs

    Office document equipped with 4.0 macros.

    macroxlm
  • Document created with cracked Office version 1 IoCs

    Office document contains Grizli777 string known to be caused by using a cracked version of the software.

    macro

Files

  • aef3c7aa3a68afaa0b1a3540b0952b52.zip
    .zip

    Password: infected

  • 0a05b3c30c42b87df3944f1bcdba0db6884734641220790bc86909de80ebfdde
    .pps windows office2003

    CAlca