Cryptam // document analysis


Sample Details

original filename: 4585c62f4872450f491ab0c553327dc234155a351ba007e1404ab2076fe971c0_jag.doc

size: 192512 bytes
submitted: 2019-05-10 06:07:44
md5: 548b1e2d9ff6a4047cfb15478d2eeed6
sha1: 893de33d29d9c897d49abd948fb8e02d638f06b4
sha256: 4585c62f4872450f491ab0c553327dc234155a351ba007e1404ab2076fe971c0
ssdeep: 3072:MEhRO5vTghfrtORyZFVgzpC7yLwgdteVc1u0Nnxk9eUToF1aTYzW:MEhRO5dge5YVc1nxyeUs1aT6
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 1.12 s
result: suspicious
embedded executable: found

signature hits:

24654: string.This program cannot be run in DOS mode
dropped.file exe 00943c3972df4ad7b3fe82f937ea4f8e / 167936 bytes / @ 24576


Strings

raw strings
decrypted raw strings

Dropped Files

exe at 24576
md5: 00943c3972df4ad7b3fe82f937ea4f8e
sha1: 60b985e7f927982c78a1549e50ec3ccd80603c4b
sha256: 7dfca4fc1d48e33a24b7ad4fddc461d071143728712c0e54c61f05121c29b897
view strings