Behavioral task
behavioral1
Sample
RFQ# RE-485.xls
Resource
win7-20220812-en
7 signatures
150 seconds
Behavioral task
behavioral2
Sample
RFQ# RE-485.xls
Resource
win10v2004-20221111-en
4 signatures
150 seconds
General
-
Target
RFQ# RE-485.xls
-
Size
1.0MB
-
MD5
0dba9bd4231f6807570d59c5f627eda3
-
SHA1
384b87aa3a47b0363375280223c2688567c4ec96
-
SHA256
12944f865ae794adb12d08c5593f853fe21a05ede595b71d793f3a67d73e759e
-
SHA512
c67a59df33666a11f0354490aa54c5ae839adeaaa29839432facef4ed229d45584a9eab408c80250790edb5e8baccbf9051f0af4c30c6af6c20e219d39bef09c
-
SSDEEP
24576:mzZFexvZ59NVfFeJx5wBHGkcPrBIdoz4GBbQlNfu:mPMZ39U5YGnydoMBlQ
Score
5/10
Malware Config
Signatures
-
Document created with cracked Office version 1 IoCs
Office document contains Grizli777 string known to be caused by using a cracked version of the software.
resource yara_rule sample grizli777_cracked_office
Files
-
RFQ# RE-485.xls.xls windows office2003