Cryptam // document analysis


Sample Details

original filename: 96ab8fc7b7b4b916315589c1ea5b2529ec53a15830dc6fdbef5584ee662cec9d_30e.doc

size: 457568 bytes
submitted: 2018-08-04 15:06:49
md5: 4677474cd75eb7d924c49d09b1754025
sha1: cac81751a8474b102480575684883b57e9d61766
sha256: 96ab8fc7b7b4b916315589c1ea5b2529ec53a15830dc6fdbef5584ee662cec9d
ssdeep: 12288:5EiTRvHe/tAw95Pm+12HBxNOfO19fzFoJbQoA05B+LpRWN3em0Ts3:5EhmxnNX9fzFjoVBuKx0TS
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 1.52 s
result: suspicious
embedded executable: found

signature hits:

24654: string.This program cannot be run in DOS mode
dropped.file exe 9250bebda6637668463bc89b73397e40 / 432992 bytes / @ 24576


Strings

raw strings
decrypted raw strings

Dropped Files

exe at 24576
md5: 9250bebda6637668463bc89b73397e40
sha1: d804edc784e6d3fbc39e24e8f73d8259cc04cde2
sha256: 37711c8c5a41245c7d9171a773e3f9b07289f87e687b8a93b835e24808b4d2c1
view strings