Cryptam


Recent document malware detections. This list is delayed by 5 days.

MD5filenamesizeseverityhas_exekey_lenrol
511516f439bc569d57c2853f49a192ba view report File_0 1292213 150 X 1 0
78: string.This program cannot be run in DOS mode
1232304: string.LoadLibraryA
1232220: string.GetModuleHandleA
1232272: string.GetCommandLineA
1234418: string.GetSystemMetrics
1231994: string.GetProcAddress
1231936: string.EnterCriticalSection
1231624: string.CloseHandle
1232622: string.CreateFileA
1235030: string.RegOpenKeyExA
1070308: string.user32.dll
1152412: string.KERNEL32
1149839: string.ExitProcess
1234558: string.GetMessageA
1234264: string.CreateWindowExA
dropped.file exe 8dc601710e3e68b8d78b5cd73fb28616 / 1292213 bytes / @ 0
ff679b0c4a47515ff8202c012f87f0ab view report 74c40f14400d105afc27312052d929d99a73cdca74b9620205cddb1e89493a93_yel2.doc 626688 130 X 0 0
24656: string.This program must be run under Win32
440302: string.LoadLibraryA
439468: string.GetModuleHandleA
439528: string.GetCommandLineA
160764: string.GetSystemMetrics
439450: string.GetProcAddress
439120: string.EnterCriticalSection
441098: string.CloseHandle
441050: string.CreateFileA
439794: string.RegOpenKeyExA
439688: string.user32.dll
439590: string.ExitProcess
442172: string.CreateWindowExA
dropped.file exe ca32db1eb7047182fe97c21372e656dd / 602112 bytes / @ 24576
d596a7648df2734f5ed998a0e0987702 view report a8d75a3cbd3e081320ff4c3407df985c598f7aaf23da00643348dc3cba4280dc_29m.doc 581632 10 X 0 0
24654: string.This program cannot be run in DOS mode
dropped.file exe 237f346ab34dd505eb4f4fa18021c87a / 557056 bytes / @ 24576
0733e6f2ff7b5e3fcb4e5721b7ebf2f5 view report 60d95298d76b4a6230077123408220cdda6274ac6e8ac400129991189dd4013d_39o.doc 561152 20 X 0 0
24654: string.This program cannot be run in DOS mode
32676: string.KERNEL32
dropped.file exe eceb4245f73a14eebc8a77e05fef3c90 / 536576 bytes / @ 24576
63b4706c5d022f2fa1094a41e39482a6 view report 921cb903d78cfd51ac6b33554c84a51107703cf3ecf6c673dd8eb572aa90e97d_29c.doc 495616 10 X 0 0
24654: string.This program cannot be run in DOS mode
dropped.file exe 29de4a43094fe04703a05ea64bb7afe2 / 471040 bytes / @ 24576
dc1372ce27f6322f9351ddc166b56628 view report 4a657d42546fada1b4c78d91a3c632be6900ca79b696592a774618e54c3f927e_30o.doc 569344 20 X 0 0
24654: string.This program cannot be run in DOS mode
32604: string.KERNEL32
dropped.file exe 798007851c299a3f0b74ced04f6a17fc / 544768 bytes / @ 24576
4a42a7b6855e32749da377935e6b7124 view report 8a7ad1973a917b06de08cfe0dd6cb66af2365b97a8758d92fc71199956fbb5b7_hbYDuh9tfbBfVYg7up.doc 2052608 100 X 0 0
766537: exploit.office embedded Visual Basic execute shell command Wscript.Shell
71758: string.This program cannot be run in DOS mode
318828: string.GetCommandLineA
78066: string.GetProcAddress
316064: string.EnterCriticalSection
78284: string.CloseHandle
78392: string.KERNEL32
78150: string.ExitProcess
766493: string.vbs On Error Resume Next
dropped.file exe 53a3e884883046c47a8f42fda231ada3 / 20992 bytes / @ 71680
dropped.file exe 473355262e65f3befcd93a521788dfe8 / 255488 bytes / @ 92672
dropped.file exe df8900a5462412abd457bc963689a291 / 1704448 bytes / @ 348160
bd9ca8b03d350e7c469ab4bbde696842 view report 9e531790660e3fd25afcb79399967525e842676c1753e116c3b339661eb0c612_6bYDuh9tfbBfVYg7up.doc 2052608 100 X 0 0
766537: exploit.office embedded Visual Basic execute shell command Wscript.Shell
71758: string.This program cannot be run in DOS mode
318828: string.GetCommandLineA
78066: string.GetProcAddress
316064: string.EnterCriticalSection
78284: string.CloseHandle
78392: string.KERNEL32
78150: string.ExitProcess
766493: string.vbs On Error Resume Next
dropped.file exe 53a3e884883046c47a8f42fda231ada3 / 20992 bytes / @ 71680
dropped.file exe 473355262e65f3befcd93a521788dfe8 / 255488 bytes / @ 92672
dropped.file exe 2e92329a71c079d1e2334e24c81f317d / 1704448 bytes / @ 348160
ff679b0c4a47515ff8202c012f87f0ab view report 74c40f14400d105afc27312052d929d99a73cdca74b9620205cddb1e89493a93_yel2.doc 626688 130 X 0 0
24656: string.This program must be run under Win32
440302: string.LoadLibraryA
439468: string.GetModuleHandleA
439528: string.GetCommandLineA
160764: string.GetSystemMetrics
439450: string.GetProcAddress
439120: string.EnterCriticalSection
441098: string.CloseHandle
441050: string.CreateFileA
439794: string.RegOpenKeyExA
439688: string.user32.dll
439590: string.ExitProcess
442172: string.CreateWindowExA
dropped.file exe ca32db1eb7047182fe97c21372e656dd / 602112 bytes / @ 24576
d596a7648df2734f5ed998a0e0987702 view report a8d75a3cbd3e081320ff4c3407df985c598f7aaf23da00643348dc3cba4280dc_29m.doc 581632 10 X 0 0
24654: string.This program cannot be run in DOS mode
dropped.file exe 237f346ab34dd505eb4f4fa18021c87a / 557056 bytes / @ 24576
0733e6f2ff7b5e3fcb4e5721b7ebf2f5 view report 60d95298d76b4a6230077123408220cdda6274ac6e8ac400129991189dd4013d_39o.doc 561152 20 X 0 0
24654: string.This program cannot be run in DOS mode
32676: string.KERNEL32
dropped.file exe eceb4245f73a14eebc8a77e05fef3c90 / 536576 bytes / @ 24576
63b4706c5d022f2fa1094a41e39482a6 view report 921cb903d78cfd51ac6b33554c84a51107703cf3ecf6c673dd8eb572aa90e97d_29c.doc 495616 10 X 0 0
24654: string.This program cannot be run in DOS mode
dropped.file exe 29de4a43094fe04703a05ea64bb7afe2 / 471040 bytes / @ 24576
dc1372ce27f6322f9351ddc166b56628 view report 4a657d42546fada1b4c78d91a3c632be6900ca79b696592a774618e54c3f927e_30o.doc 569344 20 X 0 0
24654: string.This program cannot be run in DOS mode
32604: string.KERNEL32
dropped.file exe 798007851c299a3f0b74ced04f6a17fc / 544768 bytes / @ 24576
4a42a7b6855e32749da377935e6b7124 view report 8a7ad1973a917b06de08cfe0dd6cb66af2365b97a8758d92fc71199956fbb5b7_hbYDuh9tfbBfVYg7up.doc 2052608 100 X 0 0
766537: exploit.office embedded Visual Basic execute shell command Wscript.Shell
71758: string.This program cannot be run in DOS mode
318828: string.GetCommandLineA
78066: string.GetProcAddress
316064: string.EnterCriticalSection
78284: string.CloseHandle
78392: string.KERNEL32
78150: string.ExitProcess
766493: string.vbs On Error Resume Next
dropped.file exe 53a3e884883046c47a8f42fda231ada3 / 20992 bytes / @ 71680
dropped.file exe 473355262e65f3befcd93a521788dfe8 / 255488 bytes / @ 92672
dropped.file exe df8900a5462412abd457bc963689a291 / 1704448 bytes / @ 348160
bd9ca8b03d350e7c469ab4bbde696842 view report 9e531790660e3fd25afcb79399967525e842676c1753e116c3b339661eb0c612_6bYDuh9tfbBfVYg7up.doc 2052608 100 X 0 0
766537: exploit.office embedded Visual Basic execute shell command Wscript.Shell
71758: string.This program cannot be run in DOS mode
318828: string.GetCommandLineA
78066: string.GetProcAddress
316064: string.EnterCriticalSection
78284: string.CloseHandle
78392: string.KERNEL32
78150: string.ExitProcess
766493: string.vbs On Error Resume Next
dropped.file exe 53a3e884883046c47a8f42fda231ada3 / 20992 bytes / @ 71680
dropped.file exe 473355262e65f3befcd93a521788dfe8 / 255488 bytes / @ 92672
dropped.file exe 2e92329a71c079d1e2334e24c81f317d / 1704448 bytes / @ 348160