Cryptam


Recent document malware detections. This list is delayed by 5 days.

MD5filenamesizeseverityhas_exekey_lenrol
3f25c6d50313325dc9eccc5d05a6639b view report 875574.XLSM 1119375 32 X 0 0
embedded.file vbaProject.bin 8e838ad346f49c8d1e0c7dfeb73ed281
vbaProject.bin.497890: suspicious.office Visual Basic macro
vbaProject.bin.582150: exploit.office RTF MSCOMCTL.OCX RCE CVE-2012-0158 obs E
vbaProject.bin.48909: string.vbs On Error Resume Next
f2d6cfd6a518ce78d04aff383e7d9853 view report f2d6cfd6a518ce78d04aff383e7d9853.virus 138240 22 X 0 0
130322: suspicious.office Visual Basic macro
33911: string.CloseHandle
33879: string.CreateFileA
d435bb0e59b4d6c1b935e2ead7d6e833 view report d435bb0e59b4d6c1b935e2ead7d6e833.virus 131584 22 X 0 0
124178: suspicious.office Visual Basic macro
27255: string.CloseHandle
27223: string.CreateFileA
d7b808adee2ee754abaccbae225507bd view report oleObject1.bin 48128 22 X 0 0
1104: suspicious.office Packager ClassID used by CVE-2014-6352 C
2747: string.This program cannot be run in DOS mode
32001: string.user32.dll
dropped.file exe 76f9da5b154bfd439cbb4b2fbf7af751 / 45459 bytes / @ 2669
8331ff807d17dcc23c1dc3ffbfe0b1e2 view report Contract_TRD8237_Refno_121795_85456200 1504260844.doc 36460 22 X 0 0
embedded.file oleObject1.bin d7b808adee2ee754abaccbae225507bd
oleObject1.bin.1104: suspicious.office Packager ClassID used by CVE-2014-6352 C
oleObject1.bin.2747: string.This program cannot be run in DOS mode
oleObject1.bin.32001: string.user32.dll
oleObject1.bin.dropped.file exe 76f9da5b154bfd439cbb4b2fbf7af751 / 45459 bytes / @ 2669
bcfdcdfe62fd07fd0b8ee4132810b030 view report Factura_155626.doc 254976 32 X 0 0
250590: suspicious.office Visual Basic macro
169261: exploit.office VB Macro auto execute
252410: string.shell32.dll
bf8cc2c5cfa140b6d969dd21dda40ce1 view report 8551f1665134b40c0dcf3513f019d6d9805a77c29f05cb55230b80e7bc5d9ec4b696c638c23308cc76e00995149058a20a7616c11c21d26fd890b7c3e02ddb2e 404480 72 X 0 0
333278: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
333862: exploit.office embedded Visual Basic execute shell command Wscript.Shell
340371: exploit.office embedded Visual Basic accessing file OpenTextFile
392436: suspicious.office Visual Basic macro
330568: string.vbs On Error Resume Next
dropped.file vbs 3b106bafbc25b471e01aa08854176e03 / 20132 bytes / @ 336976
dropped.file vbs 95888b0e56250bd78bb1ace4d0fe4503 / 47372 bytes / @ 357108
e80069171b51a0393b60c2c22e8269d6 view report 28256ffe72d69700b8419aea9a5156e70e79ba68308e2f76d811a1c9448204ec41db9eea37152b934a8d1b09df14c4babefdb6f491d7a13a89e3bd55d3eea571 99328 72 X 0 0
52619: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
53203: exploit.office embedded Visual Basic execute shell command Wscript.Shell
59696: exploit.office embedded Visual Basic accessing file OpenTextFile
88274: suspicious.office Visual Basic macro
49397: string.vbs On Error Resume Next
dropped.file vbs ea0c27817cee62bf970c45c52ab2a0e6 / 19998 bytes / @ 56309
dropped.file vbs a2f420e3d32ca2ab11cd71ab39b0a977 / 23021 bytes / @ 76307
d79269a2238a788f0c9a1c51ae0601c4 view report d79269a2238a788f0c9a1c51ae0601c4.virus 316416 72 X 0 0
264032: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
264616: exploit.office embedded Visual Basic execute shell command Wscript.Shell
271109: exploit.office embedded Visual Basic accessing file OpenTextFile
301266: suspicious.office Visual Basic macro
260810: string.vbs On Error Resume Next
dropped.file vbs 2cb4e3336d06968ce04a491ca2c8a355 / 48694 bytes / @ 267722
9bbf5a9f97eb20af7cac84e69eb24272 view report 7a162a00a41ee718d5588424a31415ac0471e398a09d7950479f0077cdd90fdc_.xls 89088 72 X 0 0
42891: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
43475: exploit.office embedded Visual Basic execute shell command Wscript.Shell
49968: exploit.office embedded Visual Basic accessing file OpenTextFile
79030: suspicious.office Visual Basic macro
40181: string.vbs On Error Resume Next
dropped.file vbs 50aed3a1e2bda365770ccd6df12f6a34 / 20510 bytes / @ 46581
dropped.file vbs 5021ff9793e23cddd7f841a409a2f9e9 / 21997 bytes / @ 67091
0bad6ec8baf5ac5f1efcb7aa8eed4696 view report 0bad6ec8baf5ac5f1efcb7aa8eed4696.virus 95232 72 X 0 0
47456: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
48040: exploit.office embedded Visual Basic execute shell command Wscript.Shell
54533: exploit.office embedded Visual Basic accessing file OpenTextFile
84690: suspicious.office Visual Basic macro
44746: string.vbs On Error Resume Next
dropped.file vbs 4d92dcabb13bf3150c4b0baf92a561d8 / 44086 bytes / @ 51146
01b0134ac7a8d26de0aa7bb6173caaaf view report Apple order.doc 63488 32 X 0 0
59734: suspicious.office Visual Basic macro
42572: exploit.office VB Macro auto execute
61427: string.shell32.dll
4c13890218021927136cebff4280c4b9 view report a345be72b05e49b4aa53d8d2c6a8fe74d7eb3e936c624698d5bfa8ba9c880480.exe 6275564 42 X 0 0
embedded.file vbaProject.bin 406266cbb37639090d1aa9bd44fcf889
vbaProject.bin.655423: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
vbaProject.bin.2989332: suspicious.office Visual Basic macro
vbaProject.bin.1359447: string.URLDownloadToFileA
vbaProject.bin.1788458: string.vbs On Error Resume Next
b7efdeccbc931386aa511a610a2ae0b3 view report vbaProject.bin 95744 72 X 0 0
3744: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
41488: exploit.office embedded Visual Basic execute shell command Wscript.Shell
47981: exploit.office embedded Visual Basic accessing file OpenTextFile
83714: suspicious.office Visual Basic macro
38194: string.vbs On Error Resume Next
dropped.file vbs 9d6531c8e17b5eea2a1c0b6859fc54db / 20510 bytes / @ 44594
dropped.file vbs 8c751494314b089641c99341caa2bca0 / 30640 bytes / @ 65104
ae148006b268ef71584c94d27b23cae6 view report Factura_11165.doc 265728 32 X 0 0
261342: suspicious.office Visual Basic macro
169261: exploit.office VB Macro auto execute
263604: string.shell32.dll