Cryptam // document analysis


Sample Details

original filename: drp[1].js

size: 2354956 bytes
submitted: 2018-04-12 06:50:02
md5: 58e3154d9e2eb9cc9cdee0222e05d355
sha1: 4668305b6419b9e236f943b297e9179193321e01
sha256: 283e412a46ba0883e8051ca2288ee65cf10bba66c602b1a9eca9baf0135cc807
ssdeep: 49152:FhMKjsTJx+gguYEWzUs7swT/fws97t2LaGJOljSY3qEJIq5JKOXk7nF3IzHPu/IP:j
content/type: data
analysis time: 3.78 s
result: malware [70]
embedded executable: found

signature hits:

18382: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
14313: exploit.office embedded Visual Basic execute shell command Wscript.Shell
18807: exploit.office embedded Visual Basic accessing file OpenTextFile
261044: string.user32.dll


Strings

raw strings
decrypted raw strings