Cryptam // document analysis


Sample Details

original filename: 1f91b79f28afe3c5a838c58538acc7cdf73190e080a360b5ee5069220628dd1a_7949ca0.doc

size: 1286144 bytes
submitted: 2019-02-22 02:01:38
md5: 2e4d0d9b0ce28a15a4d1340ccd31abaa
sha1: 74d7b237ec755eae6c9e206348bb674e845b9d10
sha256: 1f91b79f28afe3c5a838c58538acc7cdf73190e080a360b5ee5069220628dd1a
ssdeep: 12288:mE2SS5SSJ4uNMKEut1nCKm0bW62OS4HauLBFXzr9eu1P9Ko:mEM4uq1c1nCKm0bqOSOPFD8u
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 3.03 s
result: malware [20]
embedded executable: found

signature hits:

24654: string.This program cannot be run in DOS mode
1217884: string.user32.dll
dropped.file exe 6a8be0066d3453d31b7279e8daaa3398 / 1261568 bytes / @ 24576


Dropped Files

exe at 24576
md5: 6a8be0066d3453d31b7279e8daaa3398
sha1: b8093917289aaf16f32b8da7da28ca6081e94353
sha256: 76cf49b7ae880c384d5514e80275d4b89b8d56829cf7f54571908cd0d0ba0dab