Cryptam // document analysis


Sample Details

original filename: vbaProject.bin

size: 22528 bytes
submitted: 2017-04-16 14:14:14
md5: 88d3d438203fbf5a4f5d196093be8bfa
sha1: cad6a0baffc686f7341ca4e96fd6d0ba7e98a73e
sha256: 15a357b88860faec6f2f434050f9fe46ea0652819c324b266ee416f711ef8aab
ssdeep: 384:e5t9ENXqo7NjLY6oUtarnB34atThsGiyp5s5qBDO40XJksL:+NONjkzoq5hO1v
content/type: Composite Document File V2 Document, No summary info
analysis time: 0.91 s
result: malware [22]
embedded executable: found

signature hits:

19090: suspicious.office Visual Basic macro
3999: string.URLDownloadToFileA
3734: string.shell32.dll


Strings

raw strings
decrypted raw strings