Cryptam // document analysis


Sample Details

original filename: afb8945649dbf8589e9f37bd284fa8f0

size: 156160 bytes
submitted: 2017-09-09 07:10:17
md5: afb8945649dbf8589e9f37bd284fa8f0
sha1: 8866c6b68496c92600af5b1ae0e3d0fd4bb3c943
sha256: f9a865c7f183a13fdf7ec358548210dfd6002e7a60eb055c0a479efe1513eb75
ssdeep: 1536:OWKVFcHwZEeniHD4XtKHmTIn0EA3nYz6s2AAPHSIQHwdAo8NpezxSv0i6A9/j6v7:icHLetKpc4SAYHPA+xT5vxww
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 23.59 s
result: malware [22]
embedded executable: found

signature hits:

148754: suspicious.office Visual Basic macro
51319: string.CloseHandle
51287: string.CreateFileA


Strings

raw strings
decrypted raw strings