Cryptam // document analysis


Sample Details

original filename: infected_doc.docx

size: 531968 bytes
submitted: 2018-05-17 10:10:27
md5: 4aa84fb242abbba1a9dd2b8976cab2ce
sha1: 5055803a59b82b1c33c6a78150b07a080f0bcadd
sha256: 5762576fc6a09b4ddd95908c6c34ab9b38e06a6b2878099433347cabfbeccc18
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 1.79 s
result: malware [32]
embedded executable: found

signature hits:

520052: suspicious.office Visual Basic macro
500068: exploit.office VB Macro auto execute
521303: string.URLDownloadToFileA


Strings

raw strings
decrypted raw strings