Cryptam


Recent document malware detections. This list is delayed by 5 days.

MD5filenamesizeseverityhas_exekey_lenrol
eed08f1723f3c0f9ee5bf21778b8cffb view report vbaProject.bin 47104 32 X 0 0
20938: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
38626: suspicious.office Visual Basic macro
9272: string.vbs impersonationLevel
3fe570c8459d094a2132bcc905bfdcf4 view report Report-12-05-2017.doc 538433 92 X 0 0
embedded.file oleObject1.bin 951aa042a89ede075d7c86b4819b9421
oleObject1.bin.1104: suspicious.office Packager ClassID used by CVE-2014-6352 C
oleObject1.bin.10428: string.This program cannot be run in DOS mode
oleObject1.bin.587410: string.LoadLibraryA
oleObject1.bin.592108: string.GetSystemMetrics
oleObject1.bin.587426: string.GetProcAddress
oleObject1.bin.593022: string.CreateProcessA
oleObject1.bin.588486: string.EnterCriticalSection
oleObject1.bin.575558: string.CloseHandle
oleObject1.bin.589580: string.KERNEL32
oleObject1.bin.540341: string.ExitProcess
oleObject1.bin.dropped.file exe d2d88f54cdebbd10efdb3d42d8afacfe / 975762 bytes / @ 10350
16e1cba1a081c3871ddf7aee9b9ff4f3 view report EmbeddedFile.docm 99183 52 X 0 0
embedded.file vbaProject.bin eed08f1723f3c0f9ee5bf21778b8cffb
vbaProject.bin.20938: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
vbaProject.bin.38626: suspicious.office Visual Basic macro
vbaProject.bin.9272: string.vbs impersonationLevel
embedded.file core.xml da6bb1e5eb7b3e8a820a799fa7adb94b
core.xml.788: exploit.office embedded Visual Basic execute shell command Wscript.Shell
b9d0571c17fe557fbbd13008cb6b9abc view report ORDER_00967354.xlsx 1632433 10 X 0 0
embedded.file oleObject1.bin 18ef07cb9c74b4e9138e1271217919d2
oleObject1.bin.15555: string.This program cannot be run in DOS mode
oleObject1.bin.dropped.file exe fa0fd7645609042326b66f319850edc2 / 1563531 bytes / @ 15477
b41116879e4a7e5cbb3441e16cb501c5 view report vir.bin 73234 52 X 0 0
embedded.file vbaProject.bin fc1d7d13ca76d2f44ce60013933b0a7d
vbaProject.bin.21674: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
vbaProject.bin.38112: exploit.office embedded Visual Basic execute shell command Wscript.Shell
vbaProject.bin.32528: suspicious.office Visual Basic macro
vbaProject.bin.28136: string.vbs impersonationLevel
6e1007d34be20a69a2ff850d778187e2 view report myfile.exe 40448 52 X 0 0
7538: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
38184: exploit.office embedded Visual Basic execute shell command Wscript.Shell
32528: suspicious.office Visual Basic macro
28536: string.vbs impersonationLevel
7e0407dbd9d064ccb7bd1bad8f982fb0 view report myfile.exe 39936 32 X 0 0
27922: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
32528: suspicious.office Visual Basic macro
15957: string.vbs impersonationLevel
e8585b71b7479410f8dc6e8d229114d7 view report myfile.exe 40448 52 X 0 0
7538: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
38184: exploit.office embedded Visual Basic execute shell command Wscript.Shell
32528: suspicious.office Visual Basic macro
28536: string.vbs impersonationLevel
7778124701bc7bd0826335f3a8eaa554 view report 7778124701bc7bd0826335f3a8eaa554 265216 72 X 0 0
219419: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
220003: exploit.office embedded Visual Basic execute shell command Wscript.Shell
226496: exploit.office embedded Visual Basic accessing file OpenTextFile
256210: suspicious.office Visual Basic macro
216709: string.vbs On Error Resume Next
dropped.file vbs 2f511e3b635088bb73aa37f2b9552f1a / 19998 bytes / @ 223109
dropped.file vbs e6fe140bc56a544fab55ed1d48fd7c67 / 22109 bytes / @ 243107
10c46b5005926e488a1e63534afd01bb view report 10c46b5005926e488a1e63534afd01bb.virus 43908 52 X 0 0
31766: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
41451: exploit.office embedded Visual Basic execute shell command Wscript.Shell
35600: suspicious.office Visual Basic macro
24896: string.vbs impersonationLevel
07156c65346945df3df9d758fcecc410 view report 07156c65346945df3df9d758fcecc410.virus 40448 52 X 0 0
22330: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
38187: exploit.office embedded Visual Basic execute shell command Wscript.Shell
32528: suspicious.office Visual Basic macro
29284: string.vbs impersonationLevel
fa88c0af99afa8e2aa8bcde708add500 view report vbaProject.bin 47104 32 X 0 0
20938: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
38626: suspicious.office Visual Basic macro
9272: string.vbs impersonationLevel
e243b6f7c8dbb934f13bda62f0d92009 view report vbaProject.bin 47104 32 X 0 0
20938: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
38626: suspicious.office Visual Basic macro
9272: string.vbs impersonationLevel
b087a385f352cb1516a86a9f997fc048 view report b087a385f352cb1516a86a9f997fc048.virus 44032 52 X 0 0
31766: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
41451: exploit.office embedded Visual Basic execute shell command Wscript.Shell
35600: suspicious.office Visual Basic macro
24896: string.vbs impersonationLevel
a0e1c034f47ced1e8e0a0fe28bae2966 view report a0e1c034f47ced1e8e0a0fe28bae2966.virus 109568 72 X 0 0
55947: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
56531: exploit.office embedded Visual Basic execute shell command Wscript.Shell
63024: exploit.office embedded Visual Basic accessing file OpenTextFile
97524: suspicious.office Visual Basic macro
52725: string.vbs On Error Resume Next
dropped.file vbs 8b0d6a7fb6111e705b891fbe8fcbbc36 / 18528 bytes / @ 59637
dropped.file vbs 5ec0803aef28f456f4db2ecd82599c69 / 1601 bytes / @ 78165
dropped.file vbs 04769d0f926e4750c624062da456bd68 / 29802 bytes / @ 79766