Overview

overview

10

Static

static

8

2cef1c6ead...58.xls

windows7_x64

10

2cef1c6ead...58.xls

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2cef1c6ead6c8faebf201a1e2b24a8e89b27e946244cf2116c607810b5e4f658

  • Size

    527KB

  • MD5

    f940e886a40783deb4e97fe6d842da7a

  • SHA1

    804c607df4ca86483cfc26ed919c91f6e915d7e1

  • SHA256

    2cef1c6ead6c8faebf201a1e2b24a8e89b27e946244cf2116c607810b5e4f658

  • SHA512

    6d6f990dac1b319a79fb39a535ed30db6a99885d9ff1961124ebb29626a25bb6ee2aa5606f6a8d72f2d48f78a6c1fd401d45830c6919dd95c0c3149737cabaf2

  • SSDEEP

    12288:LNZ9kqoVd7/dl7K7O/+x5WRvn2KefBUChqZA:L

Score
8/10
macromacro_on_action

Malware Config

Signatures

  • Office macro that triggers on suspicious action 1 IoCs

    Office document macro which triggers in special circumstances - often malicious.

    macromacro_on_action
  • Document created with cracked Office version 1 IoCs

    Office document contains Grizli777 string known to be caused by using a cracked version of the software.

    macro

Files

  • 2cef1c6ead6c8faebf201a1e2b24a8e89b27e946244cf2116c607810b5e4f658
    .xls windows office2003

    ThisWorkbook

    Sheet1

    Sheet2

    Sheet3

    Module1

    UserForm1