Cryptam // document analysis


Sample Details

original filename: cf8e0ae7a5822f87818a9eccf5dd301de908063c022e568923924c0a62abbcc9_mx.doc

size: 286720 bytes
submitted: 2018-06-17 16:11:09
md5: a242166ccf3fa1f21f5a06a273f4580f
sha1: 52d2fcc28149dda8d8ba6dceb5e867400460e895
sha256: cf8e0ae7a5822f87818a9eccf5dd301de908063c022e568923924c0a62abbcc9
ssdeep: 6144:xE2lMackvGpkWMBJ+9UhAenHtJrtW2lolM:xEcMbkKNseUvnHtJJW24M
content/type: Composite Document File V2 Document, Little Endian, Os
analysis time: 1.19 s
result: malware [30]
embedded executable: found

signature hits:

24654: string.This program cannot be run in DOS mode
65624: string.shell32.dll
234202: string.KERNEL32
dropped.file exe acce144ba244d25a93083154fda6464e / 262144 bytes / @ 24576


Dropped Files

exe at 24576
md5: acce144ba244d25a93083154fda6464e
sha1: fa05c5143f50a79f9aafdd2c8b3431bcb84e88a1
sha256: 4c4b54415aae26381526cdce3903e4d8d03e0b980d8b6573910a9894553558e4