MED160M234_Evaluation Form[.]doc

General

Target

MED160M234_Evaluation Form.doc
Size

63KB
MD5

a1750d5ef8c0f34553e41a1e3a03fd4c
SHA1

07336956ee4160545aea25a31c2dfbfc94f4331c
SHA256

500bf1b2024b027040f955e0e4e3056fc6397ea022b31c014048a40aae53e809
SHA512

2d15fc00085ee9ef4a7fa6885bbe2fa82be6503ae6f62d00562140d5fff50b0df0b9107324571fda98d53486ac4bfcd7720ebcecff5c79f12a1601474eb0db76
SSDEEP

1536:t6LOrq8Elsd64sd6Rd64sd64sd64sd64sd64sc4XMllqoyJAXutkb5kvoDg3mk8c:0OrGsd64sd6Rd64sd64sd64sd64sd64w

Score

5^/10

macro

Document created with cracked Office version 1 IoCs

Office document contains Grizli777 string known to be caused by using a cracked version of the software.

resource	yara_rule
sample	grizli777_cracked_office