Cryptam // document analysis


Sample Details

original filename: 816d148b24727db1bd43a975814a0610

size: 122880 bytes
submitted: 2017-09-09 06:38:14
md5: 816d148b24727db1bd43a975814a0610
sha1: 5bce95a84595c7bcd17684a51cc9e6d256e6b686
sha256: 76a53198daa69505771e8a8c16d5f742efb8b59d37ac132e9901997a6f18cb5b
ssdeep: 1536:9OOOqj0wAMrwHF3RVA31V/+5T3emEk5D9VU3csoYDhE5mHqu2gxlkVsNNR5dz00K:Bwtk4ymN5LV2Di6FkKNxa5
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 44.15 s
result: malware [22]
embedded executable: found

signature hits:

115986: suspicious.office Visual Basic macro
15991: string.CloseHandle
15959: string.CreateFileA


Strings

raw strings
decrypted raw strings