Cryptam // document analysis


Sample Details

original filename: 5ad577718774e9df55cc89ec57d28ecd6137c28e

size: 109056 bytes
submitted: 2018-04-12 07:10:05
md5: 686f96ff87a46866eaaec7bcba222e14
sha1: b3a6a20330a3aa20f0358be86d67976a800f3331
sha256: 6f9c0e28666e2e9da72b012ba66954d81c60d9484c8346bf8ae78343ab8e5f78
ssdeep: 3072:FBKQn6c78Rmv1Jx57aZMmPo+4nko6WGNXC1EEPqNjHCJXs+IO319O:OQn6c78Rmv1Jx57aZMmPo+4nko6WGNR5
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 26.07 s
result: malware [22]
embedded executable: found

signature hits:

87820: suspicious.office Visual Basic macro
65187: string.RegOpenKeyExA
89822: string.KERNEL32


Strings

raw strings
decrypted raw strings