Cryptam // document analysis


Sample Details

original filename: c4b842168f6c63baa7fa58828ed1382f43562f67a751d4202207dd43004b8dc2_bend.doc

size: 192512 bytes
submitted: 2019-05-10 06:07:03
md5: cfe16b3ad3beb9a2191af9503c8d41d6
sha1: 321f54eaed0bef1de3d3a40b0ecee9db1a43c9a0
sha256: c4b842168f6c63baa7fa58828ed1382f43562f67a751d4202207dd43004b8dc2
ssdeep: 3072:AEr/RT2dEpRIu/nhrJVcIw94TQ04dyQ5Hkz06:AErJTkEX/ON9IQ043P
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 1.13 s
result: suspicious
embedded executable: found

signature hits:

24654: string.This program cannot be run in DOS mode
dropped.file exe c3ee61fed217e3c87c7464d41ba9fde8 / 167936 bytes / @ 24576


Strings

raw strings
decrypted raw strings

Dropped Files

exe at 24576
md5: c3ee61fed217e3c87c7464d41ba9fde8
sha1: 9c1c63087a2a301357b492b384fd9c81e87c4b8b
sha256: a63e6269785fea7259559232f64f5ba40bbbcc8babe30adc20d645b05589d689
view strings