Cryptam // document analysis


Sample Details

original filename: bd.bin

size: 1721078 bytes
submitted: 2017-03-15 22:57:30
md5: 1fd212ce18a99c7d35a29f228ac717c5
sha1: 5bad8a0180de609077425bde9c5e0b3cb3da4e28
sha256: cffd66605b6f498828c3ffa84b15a2113f2983c7c6ef522c7b6c097e32d985f9
ssdeep: 12288:tbOmLDXF/ra08DKmeHwi60v0+f9UIEXYpYIzgotxIzgDFiDtCUqSEA2HHQw3dUCg:tbOYFupWQ6fU35gL5/41z
content/type: HTML document, Non-ISO extended-ASCII text, with CRLF, NEL line terminators
analysis time: 3.77 s
result: malware [30]
embedded executable: found

signature hits:

600688: exploit.office embedded Visual Basic execute shell command Wscript.Shell
852064: string.user32.dll


Strings

raw strings
decrypted raw strings