General

  • Target

    b3a8c4c505ea3dc87be0418e739e67f97ea0f64145d62da58402d6932f169a3d.zip

  • Size

    313KB

  • MD5

    9db7e5df2af613f78f3478854f9d9d53

  • SHA1

    102259d49369b28a6b556ffa7fb8b61bab239bf9

  • SHA256

    e629accdb0cb5bc722c3be410cbe849e80ecd4d85ababc9e4c6fa31c50782cfc

  • SHA512

    830b7a79e59bf5b64db41effc7e23f42ea6a9ec32a5bc9c989477c3d3feb5a3b0fd967957e9a90b78a58996a8e86c957346878459c1249af46a9ea3e42b719ae

  • SSDEEP

    6144:H6ChN/A3tleEbKjFx9wUtpj8IBTGCEVAA4amygXB8rurdLebg26FkQ:hLADei6x9jpQIBT/ID4LVmrurd6kzFkQ

Score
5/10

Malware Config

Signatures

  • Document created with cracked Office version (1 IoC)

    Office document contains Grizli777 string known to be caused by using a cracked version of the software.

Files

  • b3a8c4c505ea3dc87be0418e739e67f97ea0f64145d62da58402d6932f169a3d.zip
    .zip

    Password: infected

  • MV Oslo Eagle - ETG - Additional Freight Invoice.xls
    .xls windows office2003