Cryptam // document analysis


Sample Details

original filename: c9810e2d9dbdb1f564f9c155be19f4ed.virus

size: 121344 bytes
submitted: 2017-06-14 06:00:06
md5: c9810e2d9dbdb1f564f9c155be19f4ed
sha1: d2bf090328108e3431fc2ee25517ae844d1f40ee
sha256: 850b3cc37641023978961d7e2a53c9839a66692367f382ea8d81b83870dc2da6
ssdeep: 1536:c88881wAsaAvMrYHF/hdAf1N/G5T/+AnEk5D9VU3csoYDhE5mHqu2gxlkVsNNR5w:E9YdkAK6N5LV2Di6FkKNxJA
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 6.34 s
result: malware [22]
embedded executable: found

signature hits:

115410: suspicious.office Visual Basic macro
18039: string.CloseHandle
18007: string.CreateFileA


Strings

raw strings
decrypted raw strings