Cryptam // document analysis


Sample Details

original filename: 62e196869ae875299e5a80f47427ec9203c9b9fc2b51ed3f47e40f440abca841_softcry.doc

size: 491520 bytes
submitted: 2018-06-05 01:01:19
md5: 0c3771a45ff56f5270fa1b8c4049ee1a
sha1: 3a55a7a058a4339bd95257f7c6a46877583724b2
sha256: 62e196869ae875299e5a80f47427ec9203c9b9fc2b51ed3f47e40f440abca841
ssdeep: 6144:REe5hyFTM/51Ueil9MWAMwvQiWg51dDZmWfs:REGoFueFvAxWghZ1
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 1.31 s
result: malware [20]
embedded executable: found

signature hits:

24654: string.This program cannot be run in DOS mode
154674: string.KERNEL32
dropped.file exe e8082e478f56fe81a0f6a6c3c19be00d / 466944 bytes / @ 24576


Strings

raw strings
decrypted raw strings

Dropped Files

exe at 24576
md5: e8082e478f56fe81a0f6a6c3c19be00d
sha1: 823cd07664a12d13a87ca21d357cc9df58435532
sha256: 592d480e00f73a8a58788f82010a8384f5f997bf6a2531f50a6b895ec8b462ff
view strings