General

  • Target

    NEW ORDER 032021-W878.ppt

  • Size

    71KB

  • MD5

    5c63ab7763e609cf490333be0be26596

  • SHA1

    a3b5eb9fcbc36854ef61ef2c25ccf9fa5c1a5260

  • SHA256

    736c4ad042343164463dce61269b4ab6101d8e34a4accbc3f2d23bb2e6a42f4a

  • SHA512

    e6ed55100eac92bf698af254a6cd4b1ba0b87a1290ff5d2fd37ea6166b4444c2267c89c5d7e8d524a5250b0b33a95004d3168924f4e4b091d1b1add8c5c5a3a9

Malware Config

Signatures

  • Office macro that triggers on suspicious action 1 IoCs

    Office document macro which triggers in special circumstances - often malicious.

  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

  • Document created with cracked Office version 1 IoCs

    Office document contains Grizli777 string known to be caused by using a cracked version of the software.

Files

  • NEW ORDER 032021-W878.ppt
    .ppt .pps windows office2003