Cryptam // document analysis


Sample Details

original filename: csgraber.zip

size: 348543 bytes
submitted: 2017-03-16 00:02:02
md5: e9b7ede15e12dbb74fd94d36b4974b64
sha1: 41e15b310c899b47cca2a349043e0697882d996a
sha256: b2f9e21fd9e8a8186f2a0f1dbff6f2a45256723f6151f0fe420c896582a44862
ssdeep: 6144:y6+pRGRZkTv2AK/FAd0ITxRIhqAbxQXhnr2Eaga0eCjdpv4tqD1hIYArRj:yZpgRZkTOld40ITxRIhqAxQRX/aw4S16
content/type: Zip archive data, at least v2.0 to extract
analysis time: 0.00 s
result: malware [90]
embedded file objects: yes
embedded executable: found

signature hits:

embedded.file csgraber.exe 2d192d41d751ca05e0c5a8d6116d6ef1
csgraber.exe.78: string.This program cannot be run in DOS mode
csgraber.exe.25094: string.LoadLibraryA
csgraber.exe.24434: string.GetModuleHandleA
csgraber.exe.24714: string.GetCommandLineA
csgraber.exe.24762: string.GetProcAddress
csgraber.exe.24572: string.CloseHandle
csgraber.exe.22008: string.user32.dll
csgraber.exe.25450: string.KERNEL32
csgraber.exe.20815: string.ExitProcess


Dropped Files

csgraber.exe at zip
md5: 2d192d41d751ca05e0c5a8d6116d6ef1
sha1: 772efcf06daefdb35ee428faabe5478729d4969f
sha256: affe5aac9c91831e2a591c7f37d198566ba13d209e5bc4ad4fac13eb9e50f1c3