Cryptam // document analysis


Sample Details

original filename: CHECK.doc

size: 1693696 bytes
submitted: 2017-06-14 11:01:03
md5: 4168731ce8952898855d955fa7da2939
sha1: c593da84913036a544868150dcfa8ee02d4b2534
sha256: 2d4eb808f974534b8477bd4bc4efdd0ccabb3e9076458fa345c206548527630e
ssdeep: 24576:YWL6L9XHXLmBi8zEyn1yri9y+PyBwwIfRg7:RL6L9XHXLmBi8zEyn1yri9y+PSuRg7
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 59.20 s
result: malware [12]
embedded executable: found

signature hits:

1680598: suspicious.office Visual Basic macro
28771: string.URLDownloadToFileA


Strings

raw strings
decrypted raw strings