25[.]pps | Triage

Sharing

General

Target

25.pps
Size

100KB
MD5

c30e4c2f1fa54d2ef33b728ab424eeb5
SHA1

78de8719ed871189a4a79f4d37b6f664dbd7ed29
SHA256

8db5da6f4ee55565df9d436ab0052eaebab54a915929835e839c513e6c658e9f
SHA512

03266e5d5f717c7042e45a0703771eb66d72bfd2751309c27ca9162c1924bca360cf9b49522ea93484fa6c9e4a5ac46d32dcec1b65e7e1396aacc6d0528b18e0

Score

8^/10

macro

Malware Config

Signatures

Suspicious Office macro 1 IoCs
Office document equipped with macros.
macro

Processes:

resource yara_rule

sample office_macros

Document created with cracked Office version 1 IoCs

Office document contains Grizli777 string known to be caused by using a cracked version of the software.

Processes:

resource	yara_rule
sample	grizli777_cracked_office

Files

25.pps
.pps windows office2003

ÛÁ±¾œ»×ÐEddd