Cryptam // document analysis


Sample Details

original filename: ca0e0f2a9a630d9e49fb73478284a46c.virus

size: 305152 bytes
submitted: 2017-04-16 16:32:01
md5: ca0e0f2a9a630d9e49fb73478284a46c
sha1: 02b61e21737b14c9d79abf2e1e456771e67c69a5
sha256: 3ff7fdd4edd3a6d642d93983431ae5dea7e7ec0bf5eb0c06b94f6064a5307c60
ssdeep: 6144:l4sfDA7DBwKJALZI29VfNcr1IFCEDBzPqdHLxrdMKOZr72oxTEvV:l4sfDA7DBwKJALZI29VfNkIFVDBzPqdP
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 1.46 s
result: malware [22]
embedded executable: found

signature hits:

300882: suspicious.office Visual Basic macro
99817: string.CloseHandle
99765: string.CreateFileA


Strings

raw strings
decrypted raw strings