Cryptam // document analysis


Sample Details

original filename: a3a5647eae3ad6b6ffcfea8c2405f20092b3f06f368a3c82dd038fa7e0e4f356_em.doc

size: 548864 bytes
submitted: 2018-08-04 12:26:02
md5: 5de3fcb104b8ddcfcc7b3306656eea55
sha1: 018f38c6dd8b5c09aa0a5988b737341206225edd
sha256: a3a5647eae3ad6b6ffcfea8c2405f20092b3f06f368a3c82dd038fa7e0e4f356
ssdeep: 6144:dEz5tyIuQv5VPIoZ2h7I/hjbrbrUkwa+8rpedKoat6R16dI+r2WSHtDrnU4/gMEj:dEziI1RIoZN9OOO+4/gMEpQ3
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 1.66 s
result: suspicious
embedded executable: found

signature hits:

24654: string.This program cannot be run in DOS mode
dropped.file exe ffc355ed693989ffeb4c4201b4158cfb / 524288 bytes / @ 24576


Strings

raw strings
decrypted raw strings

Dropped Files

exe at 24576
md5: ffc355ed693989ffeb4c4201b4158cfb
sha1: be5ed3914438e4db005c14063afa2e520e8c4b9b
sha256: cbf63476e196f1f82466e54481b72c5bbeb4b6cfe0c3802a2f37570f2a8a0ef5
view strings