Cryptam // document analysis


Sample Details

original filename: 0e0dbac61b458b3641d289c6c45a7e0e75513ce3da7f6d235397130cdfa63c30_1b79230.doc

size: 1236992 bytes
submitted: 2019-02-23 07:36:21
md5: 76eaa1261c8cb52225d97bcf44fdf1ee
sha1: c8c6a2eb76a21be2d8e3a31537be70cc91ca7140
sha256: 0e0dbac61b458b3641d289c6c45a7e0e75513ce3da7f6d235397130cdfa63c30
ssdeep: 24576:IEMIkb+k94LChMqcQGkdzTgm/aSZmWnpNGqmvrS58IjpYh0Z8P7U+nieaY7mt1hx:IEMIk
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 2.83 s
result: malware [20]
embedded executable: found

signature hits:

24654: string.This program cannot be run in DOS mode
1155524: string.KERNEL32
dropped.file exe 057ff59f49c5f26596e57ceab50988fd / 1212416 bytes / @ 24576


Dropped Files

exe at 24576
md5: 057ff59f49c5f26596e57ceab50988fd
sha1: e1a1e351d97c7ab8b09fa132c0831749d7550703
sha256: 18ac991751d09b4bf31932c976d3a1110a37ec31d401259ce70881a59e227ada