Cryptam // document analysis


Sample Details

original filename: f9172_13032120344803.doc

size: 363465 bytes
submitted: 2020-03-13 15:10:24
md5: bf3111b639b17cd304222bff0039ea2e
sha1: d555025343044bf8cd8becd7d47c7218b0d16407
sha256: 6ebf1d0707520adfc7439df8a5585e86f7e3e78de95070c26fe1d3b9f7cd054f
ssdeep: 6144:b16mInNSZBGral3n8h8gDNygBbqxNwYWq/iy:HINIHt8RD8F1qy
content/type: Microsoft Word 2007+
analysis time: 0.00 s
result: malware [12]
embedded file objects: yes
embedded executable: found

signature hits:

embedded.file vbaProject.bin 423aaaf0b89f061a0c34f41933a0b29a
vbaProject.bin.291538: suspicious.office Visual Basic macro
vbaProject.bin.129635: string.CreateProcessA


Strings

raw strings

Dropped Files

vbaProject.bin at zip
md5: 423aaaf0b89f061a0c34f41933a0b29a
sha1: 6173d6ed214e14e9d3cf63024536e6dbc2e49ea1
sha256: 23c4d8958835a8b340f63f6e9bb607cb2bd91f3aea993370ead6f55aaa25dbf8
view strings