Static task
static1
Behavioral task
behavioral1
Sample
Order 122001-220.ppt
Resource
win7v20201028
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
Order 122001-220.ppt
Resource
win10v20201028
0 signatures
0 seconds
General
-
Target
Order 122001-220.ppt
-
Size
71KB
-
MD5
23d32b5017e9a8a9bed86613cf31e692
-
SHA1
123d40bd3867d41ce42f13112bafbf3f728f75ad
-
SHA256
4f0d613797aa59fbcb957162c37d586e020cfb65a886972b404bbda4473d0b5e
-
SHA512
9d5162f2e923d3597bb50101e466806e22b9c038da9a5dc7199f04d56ef075db1c2331907bdb262362a0cba78488a90169f09cdf95751f205b3c4728f7e757b2
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource yara_rule sample office_macros -
Document created with cracked Office version 1 IoCs
Office document contains Grizli777 string known to be caused by using a cracked version of the software.
Processes:
resource yara_rule sample grizli777_cracked_office
Files
-
Order 122001-220.ppt.ppt .pps windows office2003