Cryptam // document analysis


Sample Details

original filename: vbaProject.bin

size: 1346560 bytes
submitted: 2017-04-16 04:12:01
md5: 163f8c8dae34b659cee371a34a94c4e7
sha1: 8d75869d352bf17789769e11dfa85be0b0219775
sha256: 2d138f413ffd94a87c21a16190d0f826de33feb87f73053922cac46235381168
ssdeep: 24576:EajK5EpCLIhEgMBI1QraeoTsuyKh/V1Yk3FTqvJzJAGu63IFus:j8kj
content/type: Composite Document File V2 Document, No summary info
analysis time: 2.32 s
result: malware [32]
embedded executable: found

signature hits:

174678: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
1025804: suspicious.office Visual Basic macro
1033930: string.user32.dll


Strings

raw strings
decrypted raw strings