Purchase order MACL202224398[.]xls | Triage

Sharing

General

Target

Purchase order MACL202224398.xls
Size

270KB
MD5

484d14d0cadf5df8af05e33b1109c800
SHA1

ff9c640780e15486064a22257ba1b0a252b13218
SHA256

23073f04696ea6bf57f802b1cab1652ebaba661bb051861dd3c07b8c7afd4482
SHA512

39e64efe74dc4be8b9eb2ad5f26b267a6da5a3d73b0446d4e842f970b55497cbd2d6428f918d6a62d8b649f5da02b60f45565f0551bf36962ac8d43d5194a8f1
SSDEEP

6144:BVNuVN8VYEZ+RwPONXoRjDhIcp0fDlavx+W26nAasB0GUQW:TspC

Score

5^/10

macro

Malware Config

Signatures

Document created with cracked Office version 1 IoCs

Office document contains Grizli777 string known to be caused by using a cracked version of the software.

resource	yara_rule
sample	grizli777_cracked_office

Files

Purchase order MACL202224398.xls
.pps .xls windows office2003