Cryptam // document analysis


Sample Details

original filename: 8f2c46eea73aa78fa45230ac6a506150

size: 118784 bytes
submitted: 2017-09-09 06:58:25
md5: 8f2c46eea73aa78fa45230ac6a506150
sha1: 7c1725c3f7a91ebab6702b5c1d9da2c1ad4d37ae
sha256: 25d7750e094406ccfe0a28c0eeed68cc99f90065c0f7d0ce1e137f9a7881e425
ssdeep: 1536:31114yvscFcxA84u5IUEzMKWfZ95JvMrYHF/hdAf1N/G5T/+AnEk5DwVU3csHYDq:swYdkAK6N52VfDi6FkKNxIV
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 55.86 s
result: malware [22]
embedded executable: found

signature hits:

112594: suspicious.office Visual Basic macro
15479: string.CloseHandle
15447: string.CreateFileA


Strings

raw strings
decrypted raw strings