Cryptam // document analysis


Sample Details

original filename: f3327a525ecf4cc106f231043d810d0d.virus

size: 59392 bytes
submitted: 2017-05-14 21:13:07
md5: f3327a525ecf4cc106f231043d810d0d
sha1: 16a755f587e0eeb22c2bd82d46ebd28f04cc196b
sha256: f2b9a59db21ccb7314da77634763f0206ef36ee9bdf9edf3e80ef01e60f713e4
ssdeep: 1536:jeeeeLzHqgkOoHmsmimkLXiWmm/t56lKOJpgayr9JFe8MlX+yQn6c78Rmv1Jx57W:JQn6c78Rmv1Jx57aZMjkrXXX9PPRnmdC
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 0.38 s
result: malware [22]
embedded executable: found

signature hits:

48628: suspicious.office Visual Basic macro
30371: string.RegOpenKeyExA
50867: string.KERNEL32


Strings

raw strings
decrypted raw strings