Cryptam // document analysis


Sample Details

original filename: 50e530bc392be0130d0ed641b6e19ccdd4e38a7fdd75b8eff2eac8f3d4c77522_setupb.doc

size: 974848 bytes
submitted: 2019-02-07 06:06:24
md5: a893fe0b00afe49ba7bdbd21fe4f1c68
sha1: 9b598e73d50598badd3c428d8908e76d70206dfe
sha256: 50e530bc392be0130d0ed641b6e19ccdd4e38a7fdd75b8eff2eac8f3d4c77522
ssdeep: 12288:WEEzPokyx+SZdgELmFqGb7591Rr1v2TnjmY4ZXey+xn4D8byBSaYnBxnRM:WEA0tKELEVb75tonjmY4Zs4YaunS
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 2.08 s
result: suspicious
embedded executable: found

signature hits:

24654: string.This program cannot be run in DOS mode
dropped.file exe 80235f01ca81a3da28586663f62dd1f9 / 950272 bytes / @ 24576


Strings

raw strings
decrypted raw strings

Dropped Files

exe at 24576
md5: 80235f01ca81a3da28586663f62dd1f9
sha1: d4301d111e9c3a8844c63b63e789a80dd700c83c
sha256: c0bb7b256f780f1b628247310976c88fcd481918f51b581c9a1621a2c46f0600
view strings