Cryptam // document analysis


Sample Details

original filename: b09dba652cd53ba29523bfaf4bb6c11b.virus

size: 44032 bytes
submitted: 2017-05-14 21:13:21
md5: b09dba652cd53ba29523bfaf4bb6c11b
sha1: f2160b60fa08d1bb3fa00bb80f29e94967995601
sha256: 4867f09ef91c39576cdff9bde787fb9b9ae893d70bf2c149b913cec4199b93db
ssdeep: 768:cssss5hdAwW8kUgUU5N4UYU8U8aMVupeayNlsOW/iejmZ958GhJI0dfAwRUi9g7U:cssss5hdAwW8kUgUU5N4UYU8U8aMVupY
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 0.52 s
result: malware [22]
embedded executable: found

signature hits:

37586: suspicious.office Visual Basic macro
31395: string.RegOpenKeyExA
39350: string.KERNEL32


Strings

raw strings
decrypted raw strings