Overview

overview

6

Static

static

6

907e75030b...77.pdf

windows7-x64

5

907e75030b...77.pdf

windows10-2004-x64

5

has been v..., .xls

windows7-x64

1

has been v..., .xls

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    907e75030b0e09cec6524f612f1c7439b5260b57b43d515968f81ba69278ba77.zip

  • Size

    1.3MB

  • MD5

    9c400ed034fb0e86a8402d8ef7f3de82

  • SHA1

    47c30df5625be494fb297b5a23b7d0afe61fc698

  • SHA256

    57539bdf7887c82f1f68bc02f8c10d1e51fa88dd54183f35ad03047ebaf1fc47

  • SHA512

    c1d800475c9a52b9bf658d4faa2dc8e90cf094ff05a2ceff049a446112da2756253c146a6fba57b167e477286f9aedfa86037ea5e1179e046d18439bd7aa7230

  • SSDEEP

    24576:T8N2+fWHyv33vQ9YuixK9mOtyEukQkarv/bzGd0zVDoFUUXtsk81WZ2vG:Tr+l3cJixK0OYAQH3b62JoFhXek8cL

Score
6/10
pdfjavascriptmacro

Malware Config

Signatures

  • PDF contains JavaScript

    Detects presence of JavaScript in PDF files.

    pdfjavascript
  • PDF contains one or more embedded files

    Detects presence of embedded files in PDF files.

    pdf
  • Document created with cracked Office version 1 IoCs

    Office document contains Grizli777 string known to be caused by using a cracked version of the software.

    macro

Files

  • 907e75030b0e09cec6524f612f1c7439b5260b57b43d515968f81ba69278ba77.zip
    .zip

    Password: infected

  • 907e75030b0e09cec6524f612f1c7439b5260b57b43d515968f81ba69278ba77.pdf
    .pdf
  • has been verified. However PDF, IMG, docx, .xls
    .xls windows office2003