Cryptam // document analysis


Sample Details

original filename: af723883187878f21fa05db20d0315a8.virus

size: 259072 bytes
submitted: 2017-04-16 16:52:06
md5: af723883187878f21fa05db20d0315a8
sha1: 1de5d4025822344abeaf6874996b7b689b16af4a
sha256: e982dcc129d8ba9f53059e8f798a9624b7683dd8a2ce2bd2eccf8a8f480f69b7
ssdeep: 3072:RBOLe66uIAfKOZrr7jYHIAcxTEvxwwUZJEmKUF1fVZ4+3ThriIxH1BzPYR7tdHug:RB5yfKOZrr26xTEvVUZlFWEDBzPqdHL
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 0.98 s
result: malware [22]
embedded executable: found

signature hits:

159984: suspicious.office Visual Basic macro
51831: string.CloseHandle
51799: string.CreateFileA


Strings

raw strings
decrypted raw strings