Cryptam // document analysis


Sample Details

original filename: ef72641521559d04068fc3e032e8a381b3538d790acf78546f26225615d4faf5.doc.bin

size: 33280 bytes
submitted: 2018-02-09 21:32:01
md5: 01b72b6b051a0e655b5c5d18cf297db5
sha1: 38297c23478087e7c8cb5049d5ce7da15b3aa42c
sha256: ef72641521559d04068fc3e032e8a381b3538d790acf78546f26225615d4faf5
ssdeep: 768:fImCSv0uLFS453wPmn5aU5Hs+Lta4qk3hOdsylKlgryzc4bNhZFGzE+cL2knAJUg:fImCSv0uLFS453wPmn5aU5Hs+Lta4qkm
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 0.52 s
result: malware [12]
embedded executable: found

signature hits:

28374: suspicious.office Visual Basic macro
18657: string.CreateProcessA


Strings

raw strings
decrypted raw strings