Cryptam


Recent document malware detections. This list is delayed by 5 days.

MD5filenamesizeseverityhas_exekey_lenrol
8194369f1fd2ed75e77731d816ad8822 view report 81ff9eff436be89e8afc49cbf735cdd454c4326dc96ca6093309b5faa885cbdd_eze9911.doc 339968 60 X 0 0
24656: string.This program must be run under Win32
338958: string.LoadLibraryA
338972: string.GetProcAddress
338923: string.user32.dll
338848: string.KERNEL32
339032: string.ExitProcess
dropped.file exe 6ebab33b6f6cc3d0bfa93aa71de7c087 / 315392 bytes / @ 24576
8194369f1fd2ed75e77731d816ad8822 view report 81ff9eff436be89e8afc49cbf735cdd454c4326dc96ca6093309b5faa885cbdd_eze9911.doc 339968 60 X 0 0
24656: string.This program must be run under Win32
338958: string.LoadLibraryA
338972: string.GetProcAddress
338923: string.user32.dll
338848: string.KERNEL32
339032: string.ExitProcess
dropped.file exe 6ebab33b6f6cc3d0bfa93aa71de7c087 / 315392 bytes / @ 24576
910ac49c472bc706e3d8e7238da10047 view report 99f8782a649fa512a7de62c263bf43812ceb243e3e4cfd41e5d16412f89929b6__output2a01f50.doc 671744 10 X 0 0
24654: string.This program cannot be run in DOS mode
dropped.file exe 6609d3ef4123cafd7cde29dc39123123 / 647168 bytes / @ 24576
d563a663e92f5adfa309c4138d0e083c view report 7ace86a8d4f04171a88d0b9a2091b005b03c40aabc0ebc72d80bba124cabdba0__outputea4302f.doc 675840 20 X 0 0
24654: string.This program cannot be run in DOS mode
33748: string.shell32.dll
dropped.file exe 5c4b0f1a88b81124a1c34bddd9a1a9f1 / 651264 bytes / @ 24576
a1cf9e7dea24fc1abb1e03a59c2799f1 view report a76a935d173d02e4a8dd767a5cf6d423207a58adc90c2c5cc47946b67a81d570__outputb1d57df.doc 675840 20 X 0 0
24654: string.This program cannot be run in DOS mode
33772: string.shell32.dll
dropped.file exe 90c45e6d00c51e41fb742c4e6d8d9abb / 651264 bytes / @ 24576
6858bf246cd7cbb3f3f41543d3831f50 view report a96e6a77b47cb5fc15f242a052999f46057614c4095b748a2e7cfaa74fecea79__outputedde31f.doc 679936 20 X 0 0
24654: string.This program cannot be run in DOS mode
33796: string.shell32.dll
dropped.file exe a39963bbae28e3fb9d4b7884571c1aee / 655360 bytes / @ 24576
66e0c6c4c7c92602aa9ce0749177ef00 view report cfc2aebaa2e1bbec94ce2709e80b692691514cfd7511600d7e80d07a6f774462__output761d870.doc 675840 20 X 0 0
24654: string.This program cannot be run in DOS mode
33824: string.shell32.dll
dropped.file exe 4d89a0ceae14dccd18e69c23c76fe46e / 651264 bytes / @ 24576
910ac49c472bc706e3d8e7238da10047 view report 99f8782a649fa512a7de62c263bf43812ceb243e3e4cfd41e5d16412f89929b6__output2a01f50.doc 671744 10 X 0 0
24654: string.This program cannot be run in DOS mode
dropped.file exe 6609d3ef4123cafd7cde29dc39123123 / 647168 bytes / @ 24576
d563a663e92f5adfa309c4138d0e083c view report 7ace86a8d4f04171a88d0b9a2091b005b03c40aabc0ebc72d80bba124cabdba0__outputea4302f.doc 675840 20 X 0 0
24654: string.This program cannot be run in DOS mode
33748: string.shell32.dll
dropped.file exe 5c4b0f1a88b81124a1c34bddd9a1a9f1 / 651264 bytes / @ 24576
a1cf9e7dea24fc1abb1e03a59c2799f1 view report a76a935d173d02e4a8dd767a5cf6d423207a58adc90c2c5cc47946b67a81d570__outputb1d57df.doc 675840 20 X 0 0
24654: string.This program cannot be run in DOS mode
33772: string.shell32.dll
dropped.file exe 90c45e6d00c51e41fb742c4e6d8d9abb / 651264 bytes / @ 24576
6858bf246cd7cbb3f3f41543d3831f50 view report a96e6a77b47cb5fc15f242a052999f46057614c4095b748a2e7cfaa74fecea79__outputedde31f.doc 679936 20 X 0 0
24654: string.This program cannot be run in DOS mode
33796: string.shell32.dll
dropped.file exe a39963bbae28e3fb9d4b7884571c1aee / 655360 bytes / @ 24576
66e0c6c4c7c92602aa9ce0749177ef00 view report cfc2aebaa2e1bbec94ce2709e80b692691514cfd7511600d7e80d07a6f774462__output761d870.doc 675840 20 X 0 0
24654: string.This program cannot be run in DOS mode
33824: string.shell32.dll
dropped.file exe 4d89a0ceae14dccd18e69c23c76fe46e / 651264 bytes / @ 24576
28c35117953af1434b8325ca22efb82c view report 01813daa53abaa8ba5063d6ccc2638062aeeac895a10a42be59e5ecd46f37499_DiamondSaber_2018.xlsx 1757576 54 X 0 0
embedded.file activeX1.xml 30ea09e5be9a732575c2fea76252358e
activeX1.xml.56: suspicious.office activeX
embedded.file vbaProject.bin e2e8adb9c1404230e551a2d18e89f816
vbaProject.bin.46920: exploit.office embedded Visual Basic execute shell command Wscript.Shell
vbaProject.bin.47030: exploit.office cmd.exe shell command
vbaProject.bin.185602: suspicious.office Visual Basic macro
vbaProject.bin.189414: string.shell32.dll
28c35117953af1434b8325ca22efb82c view report 01813daa53abaa8ba5063d6ccc2638062aeeac895a10a42be59e5ecd46f37499_DiamondSaber_2018.xlsx 1757576 54 X 0 0
embedded.file activeX1.xml 30ea09e5be9a732575c2fea76252358e
activeX1.xml.56: suspicious.office activeX
embedded.file vbaProject.bin e2e8adb9c1404230e551a2d18e89f816
vbaProject.bin.46920: exploit.office embedded Visual Basic execute shell command Wscript.Shell
vbaProject.bin.47030: exploit.office cmd.exe shell command
vbaProject.bin.185602: suspicious.office Visual Basic macro
vbaProject.bin.189414: string.shell32.dll
9e4ac501dbb80a1b15a079f203b97ca5 view report 34c60100b9d18aed23bc438e0ae47f141503410da1fdb04faa0c0e60549950cf_loki1.doc 270336 10 X 0 0
24654: string.This program cannot be run in DOS mode
dropped.file exe b0886cb22f81a6d7df6c6568c40d15cf / 245760 bytes / @ 24576