Cryptam // document analysis


Sample Details

original filename: 3d4c03a0820aba3aa22ee0cc5147ec19.virus

size: 159744 bytes
submitted: 2017-06-14 02:29:03
md5: 3d4c03a0820aba3aa22ee0cc5147ec19
sha1: df20e1d23f4aac99a64b8bfcea69b1a9e3153b22
sha256: 322b6c031d18bcfd5a2eefea1a7df37545375a75c811c90e08b1b7132d781f3f
ssdeep: 1536:xvuV87oHlvhNwv19fG5Dv+6OqnnbDT3//gA2HSIQqwpAU8BpezFSv0i6n9/j6vqE:0+o90A6pucRHIAOFTEviwFU/XxQ
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 5.03 s
result: malware [22]
embedded executable: found

signature hits:

152338: suspicious.office Visual Basic macro
24183: string.CloseHandle
24151: string.CreateFileA


Strings

raw strings
decrypted raw strings