Cryptam // document analysis


Sample Details

original filename: 7351467.zip

size: 348044 bytes
submitted: 2017-03-15 19:03:02
md5: 973ac9719530ab6612663dec170af6ca
sha1: 240bb565d18f2d14c40a81ac4f08c1cc26d4f86d
sha256: 7bd90dfab2cf90a9fdc5f9d3dd5e72a677617cc3ab735ea6ef4742395998f9a8
ssdeep: 6144:ZQv+1qJDZc9Rx1ofTd9VjvqUyWhKDiQAGys2ZqMPgb1SsQkK2kJrjl/CHhF+vOB5:ZB1eIfIpvDHhK5AGysQPS1SsVKTrjl/A
content/type: Zip archive data, at least v2.0 to extract
analysis time: 0.00 s
result: malware [90]
embedded file objects: yes
embedded executable: found

signature hits:

embedded.file 7351467.exe 1b234c167c48ac614bfbd2b5c04cb6ac
7351467.exe.78: string.This program cannot be run in DOS mode
7351467.exe.25064: string.LoadLibraryA
7351467.exe.24416: string.GetModuleHandleA
7351467.exe.24684: string.GetCommandLineA
7351467.exe.24732: string.GetProcAddress
7351467.exe.24542: string.CloseHandle
7351467.exe.22000: string.user32.dll
7351467.exe.25420: string.KERNEL32
7351467.exe.20807: string.ExitProcess


Dropped Files

7351467.exe at zip
md5: 1b234c167c48ac614bfbd2b5c04cb6ac
sha1: df5f365739d77634c03f978e8f7c76fd303c89a6
sha256: d182b6de5bc628a81ab3e9706a157f1e6adbf07f5dad72c0cd0255a0df0bb96e