Cryptam // document analysis


Sample Details

original filename: 95f5b80e6c15195d675132d42833d357.virus

size: 50176 bytes
submitted: 2017-07-12 17:56:33
md5: 95f5b80e6c15195d675132d42833d357
sha1: cbb0a7a3aee49de450aa4cde6f50558bc0a150bc
sha256: 06fa65336eab8f6eb361f296a728cab41651e3a1afa1e382a82b1c3dc642ab2c
ssdeep: 1536:QMMMM9FgVwbX/uJO2of6ulMMF+BGzZ956aFCK3rsIEqEv8lC8EtwY:sxYysIX28lCKY
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 0.64 s
result: malware [22]
embedded executable: found

signature hits:

43218: suspicious.office Visual Basic macro
34467: string.RegOpenKeyExA
45208: string.KERNEL32


Strings

raw strings
decrypted raw strings