INVOICES pfi 705, pfi 704, pfi 706[.]xls | Triage

Sharing

General

Target

INVOICES pfi 705, pfi 704, pfi 706.xls
Size

1.8MB
MD5

6a6241952b7a8cfae5829a9d5a8b3817
SHA1

bb655cf36b34519ef75e266e27e30c9d686495b1
SHA256

931f9150e9cd6ca335a8d65b1b607fdafc68a337de810b0be3f5581e2f8abb20
SHA512

bb678cb8bbb9713bb77803d83148c2be2706832cd23a42552bb9edf000a76c4c381cd474a3606c74b4dd8a8849bd608642ad5092c0dbfec1d6ed2647433b16c3
SSDEEP

49152:MLKp+MX3+MXpLKoX3+MXXMTaB2X5vcs6C31l0+:87EOEdoEXMOoD31l0+

Score

5^/10

macro

Malware Config

Signatures

Document created with cracked Office version 1 IoCs

Office document contains Grizli777 string known to be caused by using a cracked version of the software.

resource	yara_rule
sample	grizli777_cracked_office

Files

INVOICES pfi 705, pfi 704, pfi 706.xls
.xls windows office2003