Cryptam // document analysis


Sample Details

original filename: c5d645ff140d7492563fa7f2912eb0793977730dfd470c8209ddbfe0c03e1e9a_bamicryt.doc

size: 421888 bytes
submitted: 2018-08-28 06:01:23
md5: b241bc5eee6dc406b7e97a1ede510fd8
sha1: fa6be75fc955e35c3cb0035e5e4287f009e4f59f
sha256: c5d645ff140d7492563fa7f2912eb0793977730dfd470c8209ddbfe0c03e1e9a
ssdeep: 6144:YE+I6KfCY0LJjaaUQXRcxQid4a9c3FySPuQ8kLJT9TmqWsaKKQae:YETOYINhR6be1tuk/SqW2
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 1.43 s
result: suspicious
embedded executable: found

signature hits:

24654: string.This program cannot be run in DOS mode
dropped.file exe 6e4e96ce0a92308be804e359f6d21e27 / 397312 bytes / @ 24576


Strings

raw strings
decrypted raw strings

Dropped Files

exe at 24576
md5: 6e4e96ce0a92308be804e359f6d21e27
sha1: 000b48db0f262691e5435fce30b33ed4bf497597
sha256: 6b00286c4a658504b1e48f4e51ff5ef40f38f08cefddba86c1042add0c8629e8
view strings