Cryptam // document analysis


Sample Details

original filename: 3a9e6d32736cc709d82e1d8d02ebc20219b8210fba6e5de5c22dde32143d0cb2_95a14df.doc

size: 1060864 bytes
submitted: 2019-02-04 12:04:56
md5: 28eca7d69597939b13c045bd90e97e11
sha1: 85800e371374487bf8b0b7a6239b6764611e27a1
sha256: 3a9e6d32736cc709d82e1d8d02ebc20219b8210fba6e5de5c22dde32143d0cb2
ssdeep: 12288:HEKAl+Z2f80kkhlShfwgdIv3iqPZssgNIBIvd5iuWW6JdZh1C:HE9+gf/hlShfwgevyqxKNIgd5iuF6X
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 5.55 s
result: suspicious
embedded executable: found

signature hits:

24654: string.This program cannot be run in DOS mode
dropped.file exe 75da9e8db0bcfe6f1f1bd1a1846f42b1 / 1036288 bytes / @ 24576


Strings

raw strings
decrypted raw strings

Dropped Files

exe at 24576
md5: 75da9e8db0bcfe6f1f1bd1a1846f42b1
sha1: 4eca3393496f6adffac5cb1e040947387821d2c8
sha256: 7cd22b8c5a9d355da9519890d3bd8caeaa779dc02f29e7d5553a0d2958d28c37
view strings