SecuriteInfo[.]com[.]CL[.]Downloadergen87[.]10432[.]2074

General

Target

SecuriteInfo.com.CL.Downloadergen87.10432.2074
Size

92KB
MD5

94b5dda22f81433dc9282b766bbdd336
SHA1

ecc3171ea5720db2fd83000941fcc2d4d618bbf1
SHA256

902d92c8b869fe25b212fe80b313b8bd7391482334a155942b6bbd96e3c2f481
SHA512

3761098371683eefc2a2eb52f5eb4a50f6568f00d5e0a80b8bacbdf383d9d42d4c419bc00804d1bdac4356c4d4327185f4a42bbcd6ce8b7529a6d2e1fc0989f2

Score

8^/10

Office macro that triggers on suspicious action 1 IoCs

Office document macro which triggers in special circumstances - often malicious.

Processes:

resource	yara_rule
sample	office_macro_on_action

Suspicious Office macro 2 IoCs

Office document equipped with 4.0 macros.

Processes:

resource	yara_rule
sample	office_xlm_macros
sample	office_macros

Document created with cracked Office version 1 IoCs

Office document contains Grizli777 string known to be caused by using a cracked version of the software.

Processes:

resource	yara_rule
sample	grizli777_cracked_office