Pedio #20230873[.]xls | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Pedio #20230873.xls
Size

1.7MB
MD5

68063c43aad9b7cd41bdcad90d79d5f8
SHA1

fad7708358a2c7c189d85a7a8526d10570d785bc
SHA256

b1613c6a847424a9ab5390ddd438cce123576f57a0abc18d4d0bf480215a6a9b
SHA512

d7a3441bbb7385c4b8b2bb868ae4083680fd9506b02d109a26897a93b6373fa21d80d06335084c5c7f8c9e39446f2dc06c45a50c3f23d1f144fce6b15a40ca42
SSDEEP

49152:XLKiB90Dz0ZRuGpB9g9+03keBLT74SL4E:7dAz068y82BLh

Score

5^/10

macro

Malware Config

Signatures

Document created with cracked Office version 1 IoCs

Office document contains Grizli777 string known to be caused by using a cracked version of the software.

resource	yara_rule
sample	grizli777_cracked_office

Files

Pedio #20230873.xls
.xls windows office2003