Cryptam // document analysis


Sample Details

original filename: ccbcbbf0c8ab0e133382d476d1836596502dea3a459923e3b7b8462fa0ff4782_testaderall.doc

size: 507904 bytes
submitted: 2019-02-04 20:59:22
md5: cbb16e4e4e08c92f71f92912ee89d99f
sha1: 837c8f172b6a8e1af9d906bfe9e2910c37af4159
sha256: ccbcbbf0c8ab0e133382d476d1836596502dea3a459923e3b7b8462fa0ff4782
ssdeep: 3072:ZEwLwjDHoRQoE/dVEZYIt+R9pna+10ez2kWYj67n0sN0o2ibcH0qwrUm1tEfaK:ZEwLUoOoEsZYIU3nIeYYjftwn1ty
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 4.56 s
result: suspicious
embedded executable: found

signature hits:

24654: string.This program cannot be run in DOS mode
dropped.file exe 62cde720ccb0df8a13c7910443993478 / 483328 bytes / @ 24576


Strings

raw strings
decrypted raw strings

Dropped Files

exe at 24576
md5: 62cde720ccb0df8a13c7910443993478
sha1: e0b323e3a606d6685771aac8e481a279f5ca87bc
sha256: e7c725f751221c3e8d5c52f9d5f2123c371af4dfee90e4115e5bb07b0f50dd3d
view strings