Cryptam // document analysis


Sample Details

original filename: 75d2f87b8dea5b242e283e9832714db7

size: 238080 bytes
submitted: 2017-09-09 06:22:27
md5: 75d2f87b8dea5b242e283e9832714db7
sha1: e8cd355fb48d5a5fb1619e7b0897d08a72bee51c
sha256: fdb3356924a7a994f56016e26bfda8a33559b0c688fb4a618775363852579bfe
ssdeep: 3072:NDILgidrPkZvZfqfiWo90A6KYHxA+xTEvxww:NDI3rmvZfwo90Ah2BxTEvV
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 21.94 s
result: malware [22]
embedded executable: found

signature hits:

230674: suspicious.office Visual Basic macro
133751: string.CloseHandle
133719: string.CreateFileA


Strings

raw strings
decrypted raw strings