Cryptam // document analysis


Sample Details

original filename: Payment-advice.doc

size: 49100 bytes
submitted: 2019-06-13 19:20:37
md5: 735d599cf5298f75799f14fd61af6de3
sha1: 4b8a07363120e9d551a6e0a3849dd2992bbf76e6
sha256: 3bce398939d15ffce1314bf1715dde2163da05702cc4ab42315e62f399f2b9b5
ssdeep: 768:csxtgNWNDpJXXfIg6Qz/ZwZ0amHWtJgMBfjOYBAdZYmW/7ST85v13mGGH+3X6uM:csxAWD1P6Qlw+rHWtmMBrt6aHjST85vi
content/type: Microsoft Word 2007+
analysis time: 0.00 s
result: malware [12]
embedded file objects: yes
embedded executable: found

signature hits:

embedded.file vbaProject.bin 2363166fbe40b2a33f895f733eb2e8f7
vbaProject.bin.30038: suspicious.office Visual Basic macro
vbaProject.bin.22078: string.vbs impersonationLevel


Strings

raw strings

Dropped Files

vbaProject.bin at zip
md5: 2363166fbe40b2a33f895f733eb2e8f7
sha1: 4f723fe895348b02786574d887083964622416bd
sha256: 8966f0144f3d85390bfd42d7183e0362a27d0a624f3b9975782ab2844ffbbfe4
view strings