Cryptam // document analysis


Sample Details

original filename: 315d589d3595176e01f44e7a6d914908.virus

size: 166912 bytes
submitted: 2017-07-12 17:56:31
md5: 315d589d3595176e01f44e7a6d914908
sha1: d27dad4b8ebd5b8471c02801d47f8160f75bb5ec
sha256: 5866fa57dd2f69bc7c582ea20a8b8b9f0de776ebb4e191b9488789296aab6231
ssdeep: 3072:NTF7gVlRlmetxyMpnLfFEKAf+FP5vma35DFJY/rO6:RFkVlRljtxyMpL9/A4FmapRu
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 1.02 s
result: malware [22]
embedded executable: found

signature hits:

158482: suspicious.office Visual Basic macro
24183: string.CloseHandle
24151: string.CreateFileA


Strings

raw strings
decrypted raw strings