Cryptam // document analysis


Sample Details

original filename: 65d933fb42271c90014f674720f8d788

size: 152576 bytes
submitted: 2017-09-09 10:09:41
md5: 65d933fb42271c90014f674720f8d788
sha1: b9e4b7a2eaa33fd363fca9d280f88329985b93d5
sha256: e30b3903b29112960e1e16e57b50bd04cca4b1bda6b91e9101e127f2bbfd4873
ssdeep: 1536:NKA+SFE2Mk87oHlvhNwv19fG5Dv+KAPHSIQHwdAo8NpezxSv0i6nO/j6vqMo5wVm:cStco90A6KYHPA+xT/vxww
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 3.63 s
result: malware [22]
embedded executable: found

signature hits:

145170: suspicious.office Visual Basic macro
48247: string.CloseHandle
48215: string.CreateFileA


Strings

raw strings
decrypted raw strings