Cryptam // document analysis


Sample Details

original filename: 0dd11a5f729275e495af5a7ca706a606.virus

size: 804864 bytes
submitted: 2017-04-16 16:32:09
md5: 0dd11a5f729275e495af5a7ca706a606
sha1: 0539748ea996032b668d74385cd88354245df448
sha256: 29e332f57e59058a46579485b3702d5fed16daa556ab99421f10e4be21241494
ssdeep: 6144:HJmH53X0zWGWErtmVVR1j9ZMpL9/A4F6aphu:HJmH53X0zWGWx70Lpbxu
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 1.59 s
result: malware [22]
embedded executable: found

signature hits:

797458: suspicious.office Visual Basic macro
686199: string.CloseHandle
686167: string.CreateFileA


Strings

raw strings
decrypted raw strings