Cryptam // document analysis


Sample Details

original filename: 69ba0f9d9e95b11ae7b24c11e1ad0324052213c795edb08408fe8bfdf93eeffa_tt.doc

size: 462848 bytes
submitted: 2019-02-25 07:25:27
md5: 192082743e48b6d1a9ab6041ee7d666d
sha1: e5e2365e03aadd05d31b1d2f5a3b65bf7e012ff9
sha256: 69ba0f9d9e95b11ae7b24c11e1ad0324052213c795edb08408fe8bfdf93eeffa
ssdeep: 6144:DECDbK9rvuI896b/7Ok8sYfyMXDLb+UqCcB49EUnq7HQYfPgGKF0KhvO1mDNMFUr:DEWC89gYfleHtEOgDNMFUph
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 1.80 s
result: malware [20]
embedded executable: found

signature hits:

24654: string.This program cannot be run in DOS mode
353330: string.KERNEL32
dropped.file exe 0d62ad8b69f5d5800389e540fe5af1f7 / 438272 bytes / @ 24576


Dropped Files

exe at 24576
md5: 0d62ad8b69f5d5800389e540fe5af1f7
sha1: 02b15306a4ee2289366624861d9a2275750af8da
sha256: 100a9ae17ae045dc0b536967cf60f007ea9c951f92790803ecd021bdd3551b5a