Cryptam // document analysis


Sample Details

original filename: 154caf7167d9999d7e4ab3a3c11e89b615b13942285197bf1570c301671084a0_29e.doc

size: 275120 bytes
submitted: 2018-08-04 15:04:09
md5: 38df7eb054962277b4cd894ca7076c25
sha1: e0c2a9c49b637c6683a9c39762ed725f4253ce47
sha256: 154caf7167d9999d7e4ab3a3c11e89b615b13942285197bf1570c301671084a0
ssdeep: 3072:QEDv8V3LTZ6iFlnuGpOzRpX1V9hvR4+6qOmR9jURTuhl3dArjNdTt6/e4gy9sYU2:QEbS1DnuGi1Lh6+ak9jscBxWlyipukm
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 1.25 s
result: suspicious
embedded executable: found

signature hits:

24654: string.This program cannot be run in DOS mode
dropped.file exe 0c3812550f6bb42b2b7446bbb71b0fad / 250544 bytes / @ 24576


Strings

raw strings
decrypted raw strings

Dropped Files

exe at 24576
md5: 0c3812550f6bb42b2b7446bbb71b0fad
sha1: 99948dfc5242929ba19f6ae37d74880b3779bbfd
sha256: 063fcb22e77d3a25f79784b4144f4b01423a9b1f9f7ee004f3fe7431a2b1ace7
view strings