Cryptam // document analysis


Sample Details

original filename: 8d7c843e4d540ce9ee6d11c9ec3065b1

size: 398848 bytes
submitted: 2017-09-09 07:02:19
md5: 8d7c843e4d540ce9ee6d11c9ec3065b1
sha1: 3ff877b2ac025a65f8e0c61872515e6f2a312119
sha256: efd8a7736de96380f0cf79d1df9c2171a93787cf9f60c23ae2010cc365e80451
ssdeep: 1536:Fb7mGocKkxxxZNj9EhpIDp3AkDX3qxeoKXW+gSUKOGfbKHmT2W35N8O11Hv+KAPw:qQLowz3KOZrmKYHPA+xTEvxww
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 20.84 s
result: malware [22]
embedded executable: found

signature hits:

385362: suspicious.office Visual Basic macro
288887: string.CloseHandle
288855: string.CreateFileA


Strings

raw strings
decrypted raw strings