Cryptam // document analysis


Sample Details

original filename: vbaProject.bin

size: 1411584 bytes
submitted: 2017-07-12 11:52:14
md5: 97f9a92de597cb9a2b2aebccfc74013d
sha1: 97d4e946da0584b14a1292121c50962720a8efcf
sha256: 6e4dfbbe1faeac32fa4f20ef47794cb22169bd712b121b8c22575a9221bde0fc
ssdeep: 6144:1gaQOJVBxurZ9Pzwe6bcZtQbjMvRVOHk5ZUur+OnUAnXcwShJhTmPtYgn52Y8aPM:Wa5gFWi8MHjXX4qPBDwlijtl8YmqZEB
content/type: Composite Document File V2 Document, No summary info
analysis time: 2.56 s
result: malware [32]
embedded executable: found

signature hits:

1058899: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
1302242: suspicious.office Visual Basic macro
1042624: string.vbs On Error Resume Next


Strings

raw strings
decrypted raw strings