Cryptam // document analysis


Sample Details

original filename: dd5b6efe403042cd961e1bfb3e5714f9

size: 144896 bytes
submitted: 2017-09-09 06:45:48
md5: dd5b6efe403042cd961e1bfb3e5714f9
sha1: ff8f55e4efbae3db4088d8b53ce8e3ac48398550
sha256: 2ce2ada06aeabb341a77dd8f43566885ff683de224ebb6341f79e7e14435d74e
ssdeep: 1536:deUOKji3PNjeoHlvhNwv19fG5Dv+KAPHSIQGwdAo8NpezxSv0i6n9/j6vqMo5VV8:5jho90A6KYHIA+xTEvxwV
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 59.06 s
result: malware [22]
embedded executable: found

signature hits:

137490: suspicious.office Visual Basic macro
40567: string.CloseHandle
40535: string.CreateFileA


Strings

raw strings
decrypted raw strings