Cryptam // document analysis


Sample Details

original filename: f71561eb6fa47409a84b37f42b945f30

size: 131072 bytes
submitted: 2017-09-09 06:49:21
md5: f71561eb6fa47409a84b37f42b945f30
sha1: 0155f6d7f5e09a3bb78ab042e301b636f057c51f
sha256: 3b52e64d8d26fa03e9261c33e9f7861275ce1f9f53f53ad8096e9f46d7405b59
ssdeep: 1536:3bCgQ1illCFUk8RKHmT2W35N8O11Sv+KAPHSIQQwdAo8NpezxSv0i6n9/j6vqMoG:DlFKOZrLKYH+A+xTEvxww
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 35.66 s
result: malware [22]
embedded executable: found

signature hits:

123666: suspicious.office Visual Basic macro
26743: string.CloseHandle
26711: string.CreateFileA


Strings

raw strings
decrypted raw strings