Cryptam // document analysis


Sample Details

original filename: 634367d22b136f7c97f70ada4a0c4807

size: 130560 bytes
submitted: 2017-09-09 10:27:18
md5: 634367d22b136f7c97f70ada4a0c4807
sha1: 176db57778f4e8d35015185f74d0e9b498a11a34
sha256: 62e4bb2246a7f93f2c330367389f5d37c78c50dd1280e52172112986bebcfa04
ssdeep: 1536:f+/33Qk87oHlvhNwv19fG5Dv+KAPHSIQGwdAo8NpezxSv0i6n9/j6vqMo5wV3:f7o90A6KYHIA+xTEvxww
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 38.14 s
result: malware [22]
embedded executable: found

signature hits:

123154: suspicious.office Visual Basic macro
26231: string.CloseHandle
26199: string.CreateFileA


Strings

raw strings
decrypted raw strings