Cryptam // document analysis



Sample Details

original filename: Rem_3240ZV.xml

size: 30850 bytes
submitted: 2015-03-05 09:48:33
md5: 77739ab6c20e9dfbeffa3e2e6960e156
sha1: 7fd78e9a3a47f12386acd0d04f76000ef72442d1
sha256: 583c668dce73021aae44daab0788fc8ae5fecefab0989ab45ee60bba00465943
ssdeep: 768:kRiPp6UIemUwMxL+3kcS2tVLUt0IwUHJQgfe28PZbFQ:kRB4mUw5rs06QgJqZbFQ
content/type: XML document text
analysis time: 143.93 s
result: suspicious
embedded file objects: yes

signature hits:

embedded.file datastore-2592 73fa577e26ba8123fddd283c50ee64e2
datastore-2592.44242: suspicious.office Visual Basic macro


Yara Tags

mime_mso
mime_mso_embedded_SuppData
mime_mso_vba_macros

Strings

raw strings

Dropped Files

datastore-2592 at mso
md5: 73fa577e26ba8123fddd283c50ee64e2
sha1: 37a869941da33495819939b3ced8a272e935ddc5
sha256: de512662365386cee0982832bc552f19bead44813c1188865124d807c0cb092a
view strings