Overview

overview

8

Static

static

5

dcf86e816b...d7.xls

windows7-x64

8

dcf86e816b...d7.xls

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    dcf86e816b98be53bf58186cbfc5c22b36efb1a6a4e41a4b27687795f03290d7.zip

  • Size

    811KB

  • MD5

    7dffcc3e2f277674aa1714229dbe0a51

  • SHA1

    3dcc89ab278ce18f0dd2a37ea8e270361e6e3c4e

  • SHA256

    b67dbd5db98dea8a3ad5451c8659bb34ce0d213e2d1b133f7c620edbc5f3cd09

  • SHA512

    35d6ced3cfae02e1a18279f44fd860bbab125003d93ffbe81783705617cae8156f249d03fff562291aa1caf9169a157c24258d5e147e381ba18bbacf51be7e6c

  • SSDEEP

    24576:MEdOhdGaKcX278kH6yxnclM2waqbwdsqfZnUwL0rcy5:M6OkQMlaYY4xWnTLEz5

Score
5/10
macro

Malware Config

Signatures

  • Document created with cracked Office version 1 IoCs

    Office document contains Grizli777 string known to be caused by using a cracked version of the software.

    macro

Files

  • dcf86e816b98be53bf58186cbfc5c22b36efb1a6a4e41a4b27687795f03290d7.zip
    .zip

    Password: infected

  • dcf86e816b98be53bf58186cbfc5c22b36efb1a6a4e41a4b27687795f03290d7.xls
    .xls windows office2003