Cryptam // document analysis


Sample Details

original filename: /_media/document/569/1100f0082f-produitpropose.xlsm

size: 2466801 bytes
submitted: 2018-04-12 06:08:01
md5: c874349362dfa955b0724d524e8441a8
sha1: 166b6946f5244f4243df5b9d9ac6c2d3c43b6e03
sha256: 909866987fb27d47311b4daef4d79007a52e7b01a029b9e587335ea00cde87a3
ssdeep: 49152:uoSzX1AHbJ1x/QnKaOKiwppwHvxUr042Lj8AsFLBx6kmC9yw7dMYN8GDuJflF:uoKAHNP/Fnw2vxUg42HtskkfN8EAF
content/type: Microsoft Excel 2007+
analysis time: 0.00 s
result: malware [20]
embedded file objects: yes
embedded executable: found

signature hits:

embedded.file vbaProject.bin faa7fbeb9bf85d5d7e6d88cd4f2f577e
vbaProject.bin.314328: string.user32.dll
vbaProject.bin.320467: string.shell32.dll


Strings

raw strings

Dropped Files

vbaProject.bin at zip
md5: faa7fbeb9bf85d5d7e6d88cd4f2f577e
sha1: e6f59458b963a56c5944547f55a159bb70abccb5
sha256: 32b866e8422943ac0d7b7cd455abb3e5011fd83f0db72d33c49e5259d8db721b
view strings