Cryptam // document analysis


Sample Details

original filename: 52441a10527a8d9778533367c7efe01241fed245aa7d717200e99acb129d0adb_aebb25f.doc

size: 1224704 bytes
submitted: 2019-02-21 12:02:44
md5: 320730c1c97ba9920376b725f1a431d4
sha1: 0472af4513810e36e9ecf135854bd8cf505c95d4
sha256: 52441a10527a8d9778533367c7efe01241fed245aa7d717200e99acb129d0adb
ssdeep: 24576:IEiVontcjwYcpp2zprbl7gWJ54eMSkyAJnZaurnHCIF6E4mH/DgqTE7p5WXtZV/z:IEiVond7yBkWA
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 3.27 s
result: malware [20]
embedded executable: found

signature hits:

24654: string.This program cannot be run in DOS mode
1173008: string.user32.dll
dropped.file exe 845594e5374221c3147dbd9df169e873 / 1200128 bytes / @ 24576


Strings

raw strings
decrypted raw strings

Dropped Files

exe at 24576
md5: 845594e5374221c3147dbd9df169e873
sha1: ba5babaa12eff62f985f442c7b18899deffbc442
sha256: c36141e14fc2baa6c05412ec5ca77637b8046cf283602414d93799b1d8c4a330
view strings