Cryptam // document analysis


Sample Details

original filename: c0e83e3dd4cfdae870298ff9c664e93a.virus

size: 46592 bytes
submitted: 2017-05-14 20:52:01
md5: c0e83e3dd4cfdae870298ff9c664e93a
sha1: 2b8dd596af40c1c810a68bcf6a6662197b8b47b9
sha256: cb40df6e1b6388c698637d269ef7fba842f81aaf49673fa147774f749a6f6b42
ssdeep: 768:uvvvv0i2bw6vfwf33aGz333b333f5iO1qF5e+vV9cdejuZ95LwS7kLaaRbkLxK8y:uvvvv0i2bw6vfwf33aGz333b333f5iO4
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 0.51 s
result: malware [22]
embedded executable: found

signature hits:

40146: suspicious.office Visual Basic macro
33955: string.RegOpenKeyExA
41910: string.KERNEL32


Strings

raw strings
decrypted raw strings