Cryptam // document analysis


Sample Details

original filename: PO -99028271.xls

size: 77824 bytes
submitted: 2017-08-08 08:45:15
md5: 2d52e8465df71938c1623ba522f7971c
sha1: 4bf880ebfeaf31b66b14e8577da5ba514d1eb1c3
sha256: 8e483a2538f8251a76bd004f28afc0d6544491bd8157c90a3645a4b0445c99cc
ssdeep: 1536:HOEZ+RwPONXoRjDhIcp0fDlaGGx+cL/WELBN/Vksnx//x4EPmwP8PQ:uEZ+RwPONXoRjDhIcp0fDlaGGx+cL/W0
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 2.07 s
result: malware [12]
embedded executable: found

signature hits:

69330: suspicious.office Visual Basic macro
63127: string.URLDownloadToFileA


Strings

raw strings
decrypted raw strings