Cryptam


Recent document malware detections. This list is delayed by 5 days.

MD5filenamesizeseverityhas_exekey_lenrol
b8a28592bde3cb9a0b201321735ac868 view report b8a28592bde3cb9a0b201321735ac868 108544 72 X 0 0
54427: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
55011: exploit.office embedded Visual Basic execute shell command Wscript.Shell
61504: exploit.office embedded Visual Basic accessing file OpenTextFile
95988: suspicious.office Visual Basic macro
51205: string.vbs On Error Resume Next
dropped.file vbs 759a31dab1fd2cd2562be067b8faf173 / 19998 bytes / @ 58117
dropped.file vbs b5a76ad5834063aaf358eb9573d468e1 / 30429 bytes / @ 78115
d81199e529c02a7de7578782ba4170a4 view report d81199e529c02a7de7578782ba4170a4 105984 72 X 0 0
50134: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
50718: exploit.office embedded Visual Basic execute shell command Wscript.Shell
57211: exploit.office embedded Visual Basic accessing file OpenTextFile
93914: suspicious.office Visual Basic macro
46912: string.vbs On Error Resume Next
dropped.file vbs 0619bd9dd1bc9e6d5fa5dec9c32f9c04 / 18526 bytes / @ 53824
dropped.file vbs 5ec0803aef28f456f4db2ecd82599c69 / 1601 bytes / @ 72350
dropped.file vbs 4d340ae9120b1a138957ae8f8aa80bf6 / 32033 bytes / @ 73951
aa2a1914705e35642e02c526634ae867 view report aa2a1914705e35642e02c526634ae867 247296 72 X 0 0
198494: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
199078: exploit.office embedded Visual Basic execute shell command Wscript.Shell
205571: exploit.office embedded Visual Basic accessing file OpenTextFile
236242: suspicious.office Visual Basic macro
195272: string.vbs On Error Resume Next
dropped.file vbs 9f495a0cc80abd4bf8613fcb6a59c6aa / 45112 bytes / @ 202184
3cfcb48557c308571a8f20ad95621c67 view report eac_util.xlam 903996 22 X 0 0
embedded.file vbaProject.bin c5b0cac4228904cbf19aa8ba27d80906
vbaProject.bin.799514: suspicious.office Visual Basic macro
vbaProject.bin.492676: string.shell32.dll
vbaProject.bin.527547: string.vbs On Error Resume Next
9def458ba0d9830492e5e5686345c738 view report 0986b30a139110b45c84b11b01dc1aae29d5e408 11776 22 X 0 0
2770: suspicious.office Visual Basic macro
6243: string.URLDownloadToFileA
4559: string.shell32.dll
ff5147b35abcaec2597884da7c2b24ce view report eac_pv.xlam 2183021 60 X 0 0
embedded.file vbaProject.bin 427090b7f977a3c096a35abb2d24a2c3
vbaProject.bin.465452: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
vbaProject.bin.506414: exploit.office embedded Visual Basic execute shell command Wscript.Shell
vbaProject.bin.103728: string.shell32.dll
vbaProject.bin.1217051: string.vbs On Error Resume Next
14f52f34f83424d2ec2bed1f8069866a view report heatenergy2015_tarif.xls 3045376 22 X 0 0
2566354: suspicious.office Visual Basic macro
2595223: string.user32.dll
1381647: string.vbs On Error Resume Next
9f1f0c45c5ec97890890e221c321c9ce view report 9f1f0c45c5ec97890890e221c321c9ce 21504 20 X 0 0
3238: string.This program cannot be run in DOS mode
3360: string.PE Header
dropped.file exe 47193565ca1cb5dce7402dc873d4b0cf / 18344 bytes / @ 3160
1a82cb4c975984e43c922886610a8e15 view report /de/downloads/ 5343417 40 X 0 0
embedded.file FirePHP.php f619b5a77fee4b21e4397e98d858fbf4
embedded.file Cli.php 7b0c7a3c87f7fe98aed87e502bd4d1bc
embedded.file Minify.php 288b7f9fe1941ded9334008b226c0ad6
embedded.file JSMin.php 14e2fd4728a4800057e9f8d50abbc968
embedded.file jquery-1.6.3.min.js 0efa3b9aa0f509043308e7c6e23538f8
jquery-1.6.3.min.js.20220: suspicious.office embedded Flash in MSO file
embedded.file exportsettings.php fd5277583e75c10731f3702320942899
embedded.file autocomplete.js 25fce5cff429651d2d0cf974b247b603
embedded.file taxonomy.js bc522d0a713a5970dfb5e8cc23a31319
embedded.file animate.css 9b01508c4038b9fbeafa9676ab7d8b62
embedded.file cloud-admin.css 2c0d13e9b7386bba6d5b866346263cca
embedded.file bootstrap.css 2183d05f5a0a9a3b2e8cb0509ca363e3
embedded.file bootstrap.js 9cb0532955cf4d4fb43f792ce0f87227
embedded.file jquery.flot.navigate.js 0fd6d20c90a468fd43d5573542cfab4b
embedded.file jquery.min.js 3576a6e73c9dccdbbc4a2cf8ff544ad7
jquery.min.js.23127: suspicious.office embedded Flash in MSO file
embedded.file jquery.flot.errorbars.js 73fcfdc8eb3b79de42e4e9a009749127
embedded.file jquery.js 91515770ce8c55de23b306444d8ea998
jquery.js.105378: suspicious.office embedded Flash in MSO file
embedded.file jquery-ui.min.js 547ed2e72b2393df17fc87c3f63db51b
jquery-ui.min.js.212889: string.CloseHandle
embedded.file jquery-ui.js 87f507138d974d221858c09658a3ba86
jquery-ui.js.403041: string.CloseHandle
embedded.file dashboard.tpl 2ddba3fd627efea8d964fc7c4d700ee5
ea9de1b29f5ee12d50d8ab9a6c94acc7 view report metasploit-framework.md5sums 4019249 22 X 0 0
24959: suspicious.office DDE Excel execution
289211: string.GetProcAddress
138181: string.shell32.dll
d9a3293353c288c6177ab153a0c6eb28 view report metasploit-framework.list 3441702 20 X 0 0
3293954: string.GetProcAddress
2735741: string.shell32.dll
f1d1c0de36512b9178e73a2c24c42fe4 view report /1/6/e/6ebdbb612053b3d196efa2a2ae1fa0826393663bf6f11aeac8e77be017264caf.file 1534802 70 X 0 0
embedded.file kaz.dll 781948b6812e3bb9d241ca018e592c73
kaz.dll.78: string.This program cannot be run in DOS mode
kaz.dll.423652: string.GetModuleHandleA
kaz.dll.423672: string.GetProcAddress
kaz.dll.428630: string.EnterCriticalSection
kaz.dll.428616: string.CloseHandle
kaz.dll.423798: string.KERNEL32
embedded.file kaz.exe 61d6614341a09e3af9aa6024e4291edc
kaz.exe.78: string.This program cannot be run in DOS mode
286bce911ca6758c564faa9a3e40b841 view report vbaProject.bin 195072 32 X 0 0
35504: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
170206: suspicious.office Visual Basic macro
116224: string.vbs On Error Resume Next
2f5d8b9288f9cd8b39727b35e3a3c558 view report %D1%81%D0%BA%D0%B0%D0%BD%20%D0%BE%D1%82%D1%87%D0%B5%D1%82.doc 1178112 130 X 0 0
20718: string.This program must be run under Win32
51162: string.LoadLibraryA
565726: string.GetModuleHandleA
565786: string.GetCommandLineA
196470: string.GetSystemMetrics
51130: string.GetProcAddress
565378: string.EnterCriticalSection
567680: string.CloseHandle
567616: string.CreateFileA
566052: string.RegOpenKeyExA
565946: string.user32.dll
565848: string.ExitProcess
568696: string.CreateWindowExA
dropped.file exe 6f600c60fafa8a5f7a3f76dc048c9672 / 1157474 bytes / @ 20638
6d1729701c9d8934e3e9ff459e09ad9b view report /1/4/a/4a803cf4a62d15bccf4b31769d98345ba807c2a4f4c8457ae9232357866e11f7.file 3647187 160 X 0 0
embedded.file cursedCheats.dll e432e0ae56728a65849b2128353e14d5
cursedCheats.dll.78: string.This program cannot be run in DOS mode
cursedCheats.dll.727660: string.GetModuleHandleA
cursedCheats.dll.729238: string.GetCommandLineA
cursedCheats.dll.727642: string.GetProcAddress
cursedCheats.dll.728166: string.EnterCriticalSection
cursedCheats.dll.728152: string.CloseHandle
cursedCheats.dll.727812: string.KERNEL32
cursedCheats.dll.663311: string.ExitProcess
embedded.file Injector_1.exe e124262b09a5a436ac2080f6470cb440
Injector_1.exe.78: string.This program cannot be run in DOS mode
Injector_1.exe.1936108: string.GetModuleHandleA
Injector_1.exe.1936698: string.GetCommandLineA
Injector_1.exe.1934386: string.GetProcAddress
Injector_1.exe.1847315: string.EnterCriticalSection
Injector_1.exe.1932992: string.CloseHandle
Injector_1.exe.1933594: string.KERNEL32
Injector_1.exe.1803199: string.ExitProcess
Injector_1.exe.dropped.file exe 865a44734fb1a0a0eaad522044795f25 / 65472 bytes / @ 2028392
Injector_1.exe.dropped.file exe a412d79aae7178a73b61af62b299d452 / 63912 bytes / @ 2093864
Injector_1.exe.dropped.file exe bbb9bf864a17a8a15026294d26523f73 / 64960 bytes / @ 2157776
Injector_1.exe.dropped.file exe eb753b2c6414d176d60047d4328c6ca0 / 66928 bytes / @ 2222736