Cryptam // document analysis


Sample Details

original filename: ca1178eabd130ae20b5be70df0ebc115.virus

size: 151552 bytes
submitted: 2017-06-14 02:23:05
md5: ca1178eabd130ae20b5be70df0ebc115
sha1: 4192de0f6b29e41f51a50cd1b690bcdd1fc9d474
sha256: 021cee174b891a31592215415579ffa04d16d7640866317bff6f58d4f055d76b
ssdeep: 3072:SP/+LwWdr7FaiYIAtkPw9iYgnaA88sfl5:MsFaC499gnc8
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 6.85 s
result: malware [22]
embedded executable: found

signature hits:

141394: suspicious.office Visual Basic macro
15479: string.CloseHandle
15447: string.CreateFileA


Strings

raw strings
decrypted raw strings