Cryptam


Recent document malware detections. This list is delayed by 5 days.

MD5filenamesizeseverityhas_exekey_lenrol
1adf656d80bf5188519c7ab37ec5bcf8 view report oleObject1.bin 1584128 52 X 0 0
1104: suspicious.office Packager ClassID used by CVE-2014-6352 C
15041: string.This program cannot be run in DOS mode
422343: string.URLDownloadToFileA
422059: string.CloseHandle
424995: string.user32.dll
421543: string.shell32.dll
dropped.file exe d686bf014a9d5e9502767f5c104c1a06 / 1569165 bytes / @ 14963
984b9b1b13469575657cf24bc4c93158 view report __substg1.0_37010102 1225091 52 X 0 0
embedded.file oleObject1.bin 1adf656d80bf5188519c7ab37ec5bcf8
oleObject1.bin.1104: suspicious.office Packager ClassID used by CVE-2014-6352 C
oleObject1.bin.15041: string.This program cannot be run in DOS mode
oleObject1.bin.422343: string.URLDownloadToFileA
oleObject1.bin.422059: string.CloseHandle
oleObject1.bin.424995: string.user32.dll
oleObject1.bin.421543: string.shell32.dll
oleObject1.bin.dropped.file exe d686bf014a9d5e9502767f5c104c1a06 / 1569165 bytes / @ 14963
065fd509083e2d65c4f383ee7610356a view report vbaProject.bin 41984 72 X 0 0
9774: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
39776: exploit.office embedded Visual Basic execute shell command Wscript.Shell
32674: exploit.office embedded Visual Basic accessing file OpenTextFile
34576: suspicious.office Visual Basic macro
10429: string.vbs impersonationLevel
856bee21d46cbbd21b7ebbe71805ced8 view report 856bee21d46cbbd21b7ebbe71805ced8 75038 72 X 0 0
embedded.file vbaProject.bin 2babd30e64659646c0a0ebe602ab9e60
vbaProject.bin.9774: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
vbaProject.bin.39776: exploit.office embedded Visual Basic execute shell command Wscript.Shell
vbaProject.bin.32674: exploit.office embedded Visual Basic accessing file OpenTextFile
vbaProject.bin.34576: suspicious.office Visual Basic macro
vbaProject.bin.10429: string.vbs impersonationLevel
509da02dae564e389eb9971e4c02faf4 view report 509da02dae564e389eb9971e4c02faf4 75041 72 X 0 0
embedded.file vbaProject.bin 28e907200a448e726028536d1dd6e1ce
vbaProject.bin.9774: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
vbaProject.bin.39776: exploit.office embedded Visual Basic execute shell command Wscript.Shell
vbaProject.bin.32674: exploit.office embedded Visual Basic accessing file OpenTextFile
vbaProject.bin.34576: suspicious.office Visual Basic macro
vbaProject.bin.10429: string.vbs impersonationLevel
8f58605f0a41c3672242973faa5fb414 view report 8f58605f0a41c3672242973faa5fb414 75047 72 X 0 0
embedded.file vbaProject.bin 065fd509083e2d65c4f383ee7610356a
vbaProject.bin.9774: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
vbaProject.bin.39776: exploit.office embedded Visual Basic execute shell command Wscript.Shell
vbaProject.bin.32674: exploit.office embedded Visual Basic accessing file OpenTextFile
vbaProject.bin.34576: suspicious.office Visual Basic macro
vbaProject.bin.10429: string.vbs impersonationLevel
28e907200a448e726028536d1dd6e1ce view report vbaProject.bin 41984 72 X 0 0
9774: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
39776: exploit.office embedded Visual Basic execute shell command Wscript.Shell
32674: exploit.office embedded Visual Basic accessing file OpenTextFile
34576: suspicious.office Visual Basic macro
10429: string.vbs impersonationLevel
2babd30e64659646c0a0ebe602ab9e60 view report vbaProject.bin 41984 72 X 0 0
9774: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
39776: exploit.office embedded Visual Basic execute shell command Wscript.Shell
32674: exploit.office embedded Visual Basic accessing file OpenTextFile
34576: suspicious.office Visual Basic macro
10429: string.vbs impersonationLevel
1a42b4cd98ff36eb755be3712e96b181 view report vbaProject.bin 41984 72 X 0 0
9774: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
39776: exploit.office embedded Visual Basic execute shell command Wscript.Shell
32674: exploit.office embedded Visual Basic accessing file OpenTextFile
34576: suspicious.office Visual Basic macro
10429: string.vbs impersonationLevel
2465ad67f9bf09fce6646385d089c49e view report 82513.docm 75042 72 X 0 0
embedded.file vbaProject.bin 1a42b4cd98ff36eb755be3712e96b181
vbaProject.bin.9774: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
vbaProject.bin.39776: exploit.office embedded Visual Basic execute shell command Wscript.Shell
vbaProject.bin.32674: exploit.office embedded Visual Basic accessing file OpenTextFile
vbaProject.bin.34576: suspicious.office Visual Basic macro
vbaProject.bin.10429: string.vbs impersonationLevel
d210ca026359c634d93deaeb51b97198 view report vbaProject.bin 41984 72 X 0 0
9774: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
39776: exploit.office embedded Visual Basic execute shell command Wscript.Shell
32674: exploit.office embedded Visual Basic accessing file OpenTextFile
34576: suspicious.office Visual Basic macro
10429: string.vbs impersonationLevel
2ee3e76b1c15cfcaffac3a58d371c9ce view report 2ee3e76b1c15cfcaffac3a58d371c9ce 75070 72 X 0 0
embedded.file vbaProject.bin 74a32503f3ffabca9f960ba9ba9f2145
vbaProject.bin.9774: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
vbaProject.bin.39712: exploit.office embedded Visual Basic execute shell command Wscript.Shell
vbaProject.bin.32674: exploit.office embedded Visual Basic accessing file OpenTextFile
vbaProject.bin.34576: suspicious.office Visual Basic macro
vbaProject.bin.10429: string.vbs impersonationLevel
96b7dfdcb377196782fbaf7c142795ff view report vbaProject.bin 41984 72 X 0 0
9774: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
39776: exploit.office embedded Visual Basic execute shell command Wscript.Shell
32674: exploit.office embedded Visual Basic accessing file OpenTextFile
34576: suspicious.office Visual Basic macro
10429: string.vbs impersonationLevel
51ce3f8bd450d842647141f56364d343 view report 51ce3f8bd450d842647141f56364d343 75057 72 X 0 0
embedded.file vbaProject.bin 96b7dfdcb377196782fbaf7c142795ff
vbaProject.bin.9774: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
vbaProject.bin.39776: exploit.office embedded Visual Basic execute shell command Wscript.Shell
vbaProject.bin.32674: exploit.office embedded Visual Basic accessing file OpenTextFile
vbaProject.bin.34576: suspicious.office Visual Basic macro
vbaProject.bin.10429: string.vbs impersonationLevel
74a32503f3ffabca9f960ba9ba9f2145 view report vbaProject.bin 41984 72 X 0 0
9774: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
39712: exploit.office embedded Visual Basic execute shell command Wscript.Shell
32674: exploit.office embedded Visual Basic accessing file OpenTextFile
34576: suspicious.office Visual Basic macro
10429: string.vbs impersonationLevel