Cryptam // document analysis


Sample Details

original filename: d543592fcef1c4a17a8095fce399b6cf

size: 158208 bytes
submitted: 2017-09-09 09:39:46
md5: d543592fcef1c4a17a8095fce399b6cf
sha1: 7465d0a2270f6a3fb6d803fad7b1feba4f6d7248
sha256: 4645826749091ae0997b740959f9fd48a4621cd1c7e1aee9d201e1942bf057c2
ssdeep: 1536:9jNDboqK+492G3Xuk87oHlvhNwv19fG5Dv+KAPHSIQHwdAo8NpezVSv0i6n9/j6j:9FoqYr+o90A6KYHPA+VTEvxww
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 66.39 s
result: malware [22]
embedded executable: found

signature hits:

150802: suspicious.office Visual Basic macro
53879: string.CloseHandle
53847: string.CreateFileA


Strings

raw strings
decrypted raw strings