Cryptam // document analysis


Sample Details

original filename: 9097333f3b59b9dfc84d46af39fa17b9db3c0d542e5031fb2cd743c8da580b38_remcos_output4ce990.doc

size: 1040384 bytes
submitted: 2018-06-17 14:56:38
md5: ad7cd2cead4a28a708a7422bb8d14e1b
sha1: 8d565ed9e94f213da0ffe1c6a490c7ae5d730555
sha256: 9097333f3b59b9dfc84d46af39fa17b9db3c0d542e5031fb2cd743c8da580b38
ssdeep: 6144:fE/uYX3iJoGkTrHjI9abjL7Dhu9tGIFaAfS0QMB:fE/uq+ohTQ9abjPDhu9tGIFa61
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 1.85 s
result: suspicious
embedded executable: found

signature hits:

24654: string.This program cannot be run in DOS mode
dropped.file exe c1aa3cd0054f0cd12bf9a2de89e540e1 / 1015808 bytes / @ 24576


Dropped Files

exe at 24576
md5: c1aa3cd0054f0cd12bf9a2de89e540e1
sha1: a886e2384edbe842e0d8d6b8b0b76cf1dfd27382
sha256: a11a729b4bf5f504875c5054a37b894a6cbda1239567d0f2670c7fc320ff7e3b