Cryptam // document analysis


Sample Details

original filename: 87211c763bc5bd2639a4c1ed18b276e6.virus

size: 27136 bytes
submitted: 2017-06-14 05:21:16
md5: 87211c763bc5bd2639a4c1ed18b276e6
sha1: b6dc390c44bd1dcfe19af63e6b6bd7f9abd7612a
sha256: ed1fa4f513937b54d2abcf21081a2c4c0f42e91c12433806d1793fa855aab54f
ssdeep: 384:oSRLcHiKoqF4EalV1ToUOZNu7P0Vjj2QrQq0h1xI6w9+gr093BBXRIrYosRAFK:vGiK1GEai59jXrQq21xIMtqrYGK
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 2.02 s
result: malware [20]
embedded executable: found

signature hits:

8270: string.This program cannot be run in DOS mode
9000: string.KERNEL32
dropped.file exe c57741369f2cc6995c2b0e72cddd7beb / 18944 bytes / @ 8192


Dropped Files

exe at 8192
md5: c57741369f2cc6995c2b0e72cddd7beb
sha1: 4a2ade598b583530006b15e281b78df14d649111
sha256: 39b4ef82c4ef3a7eca05decbbfe5d54ffc8cf8397125f015c5b2954e3772c82a