Cryptam // document analysis



Sample Details

original filename: Biglietto Visita.doc

size: 32768 bytes
submitted: 2014-01-12 00:28:06
md5: 2192f9b0209b7e7aa6d32a075e53126d
sha1: 3ee237725db5cd9ea0a0476412151e3080077222
sha256: c026ebfa3a191d4f27ee72f34fa0d97656113be368369f605e7845a30bc19f6a
ssdeep: 192:ZvS2FjEyitZwosQGGluLsX3kCkd0jJmHQ1duyICHT8a06BB5eS7TEr:lnytZh5GGluLsLkd0jJmjMTFVBB5JU
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 94.50 s
result: suspicious

signature hits:

16384: suspicious.flash ZWS flash in MS Office document
13825: suspicious.flash flash control in MS Office document


Yara Tags

doc_zws_flash

Strings

raw strings