Cryptam // document analysis


Sample Details

original filename: 7006be6c2299b56624b42322ab3e3ea8.virus

size: 237568 bytes
submitted: 2017-04-16 01:23:32
md5: 7006be6c2299b56624b42322ab3e3ea8
sha1: af1e145b665ebe669ef94e4e292480d56c0a654f
sha256: f9f663871d25f1f2205fba8ec20aa1fcdfec7233fe45e94eded38bcab58484f6
ssdeep: 3072:EdqXfUSdzS+SLf+o4gOi7kK/JPOisYHRYZQ46q3VCu8B:1PUSdzoLf+ovOi7vQisYHM6qI
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 1.13 s
result: malware [22]
embedded executable: found

signature hits:

230226: suspicious.office Visual Basic macro
24183: string.CloseHandle
24151: string.CreateFileA


Strings

raw strings
decrypted raw strings