Cryptam // document analysis


Sample Details

original filename: d5735cc4ab9e9d60fb322fe8f26e4759.virus

size: 537600 bytes
submitted: 2017-06-14 02:51:59
md5: d5735cc4ab9e9d60fb322fe8f26e4759
sha1: dc029dab9977e560ac38c538963c56569604540f
sha256: 21afa40b6726d2a85df804896497fe96710877125a847c3c7fa6939040f6bb32
ssdeep: 12288:pNmMgNiOR/DiXLjfhhFNw1110XoBXJyBYjLmBK:pNmMgsZT44oe
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 7.31 s
result: malware [22]
embedded executable: found

signature hits:

350982: suspicious.office Visual Basic macro
142967: string.CloseHandle
142935: string.CreateFileA


Strings

raw strings
decrypted raw strings