Cryptam // document analysis


Sample Details

original filename: 4133703f6833cc23f0a9684792bda868

size: 152064 bytes
submitted: 2017-09-09 06:44:18
md5: 4133703f6833cc23f0a9684792bda868
sha1: f14b0639cc546e2eba0316a05875e7b1cf493d1e
sha256: 4bf8e7006bdfed4c34c7f27b9b72069c97fe052725ed84c6dafbd85ec777321b
ssdeep: 1536:o5TBcaWtWRDKpseZZ5Z5dq4RlxfbKHmT2W35N8O11aOpoXAPHSIQHwdAo8Npezxf:opKpsWdqKKOZrroXYHPA+xTIvxww
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 29.51 s
result: malware [22]
embedded executable: found

signature hits:

144658: suspicious.office Visual Basic macro
47735: string.CloseHandle
47703: string.CreateFileA


Strings

raw strings
decrypted raw strings