Cryptam // document analysis


Sample Details

original filename: 6b10a70dfc77c94cb713b20135955f3b

size: 133632 bytes
submitted: 2017-09-09 06:59:58
md5: 6b10a70dfc77c94cb713b20135955f3b
sha1: c2edd993e40541b859959c260872fdbc82121a10
sha256: 9f2e701a72cb15749825688a20f2a78517630fdd9b1c01998d46cf3cf0c4f2e4
ssdeep: 1536:zj+dj8ND/woHlvCW35N8O11ms2AAPHSIQnwdAo8NpezxSv0i6n9/j6vqMo5wVFg:zjmporZreAYHvA+xTEvxwwo
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 39.73 s
result: malware [22]
embedded executable: found

signature hits:

125714: suspicious.office Visual Basic macro
28791: string.CloseHandle
28759: string.CreateFileA


Strings

raw strings
decrypted raw strings