Cryptam // document analysis


Sample Details

original filename: 5d891f33f18461e8e0ab7f9a0bfb94d4.1

size: 237565 bytes
submitted: 2018-02-08 16:01:02
md5: 5d891f33f18461e8e0ab7f9a0bfb94d4
sha1: 733d78896f865ec7fe87536c5a2ab6eda3c8c974
sha256: 9ecd89bb78b09b2982f5561e2b22dd3e2c7ed6da36f07292d4fb6e8da4652562
ssdeep: 6144:Q76cLEmGqchLAIkszU2fvdRpLP46b+F95XkvpuGlaVx9h:4LqHLGszU2fNgkdlaVV
content/type: Microsoft Word 2007+
analysis time: 0.00 s
result: suspicious
embedded file objects: yes
embedded executable: found

signature hits:

embedded.file oleObject1.bin f7b29fcbe76f7c4e5c289e6f4e413caa
oleObject1.bin.4848: string.This program cannot be run in DOS mode
oleObject1.bin.dropped.file exe 310e72d37f6812b21099ae17dce0eef6 / 226142 bytes / @ 4770


Strings

raw strings

Dropped Files

oleObject1.bin at zip
md5: f7b29fcbe76f7c4e5c289e6f4e413caa
sha1: 93c12c639cfe5be997f18d6659ab90e8cdb753c0
sha256: 29a30b2f0aa198b62c0d052bd578d035b2fcae889cc8997c4d079cc53d13a361
view strings

exe at 4770
md5: 310e72d37f6812b21099ae17dce0eef6
sha1: 80bb15b33b318e2aa1adad3882040917a1496c50
sha256: 25d0a8d0b5cb057b4d425a933e678d4ef5a5944d6c2f25c8d54a5f89f8e5510f
imphash: f34d5f2d4577ed6d9ceec516c1f5a744
view strings