Overview

overview

5

Static

static

5

CI + PL.xls

windows7-x64

1

CI + PL.xls

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    MDE_File_Sample_caee0f6af45f1c0fbdba867a6651a1a5f628847b.zip

  • Size

    312KB

  • MD5

    3017a434c115868b927d22ccc2bfb860

  • SHA1

    597f25fdcdb75ed1b91459d42038673486f2f436

  • SHA256

    88c4def4665cb3b8d3076bd79e30b5bff3ea5b8e3432fbc751c39cd0d0d6e435

  • SHA512

    20c6151702f8309d543c0ae3482aab746a77e325e840e9bb0bb3b360b737dac0f4014d35e2a03ed7d4438da65d5587f4b1bb5e090307cd9064794e76ac7a7687

  • SSDEEP

    6144:5vqi/VhYRT3Yz2aG1ep1DDFlrykWB0uR6xzUaud1jq6dRnSgCj/jhB:5JVY3YaaGop1/FdyBYaauHWyVSgCPr

Score
5/10
macro

Malware Config

Signatures

  • Document created with cracked Office version 1 IoCs

    Office document contains Grizli777 string known to be caused by using a cracked version of the software.

    macro

Files

  • MDE_File_Sample_caee0f6af45f1c0fbdba867a6651a1a5f628847b.zip
    .zip

    Password: test123

  • CI + PL.xls
    .xls windows office2003