Static task
static1
Behavioral task
behavioral1
Sample
25.pps
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
25.pps
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
-
Target
25.pps
-
Size
100KB
-
MD5
c30e4c2f1fa54d2ef33b728ab424eeb5
-
SHA1
78de8719ed871189a4a79f4d37b6f664dbd7ed29
-
SHA256
8db5da6f4ee55565df9d436ab0052eaebab54a915929835e839c513e6c658e9f
-
SHA512
03266e5d5f717c7042e45a0703771eb66d72bfd2751309c27ca9162c1924bca360cf9b49522ea93484fa6c9e4a5ac46d32dcec1b65e7e1396aacc6d0528b18e0
Score
8/10
Malware Config
Signatures
-
Processes:
resource yara_rule sample office_macros -
Document created with cracked Office version 1 IoCs
Office document contains Grizli777 string known to be caused by using a cracked version of the software.
Processes:
resource yara_rule sample grizli777_cracked_office
Files
-
25.pps.pps windows office2003
ÛÁ±¾œ»×ÐEddd