SHA256: 07adb8253ccc6fee20940de04c1bf4a54a4455525b2ac33f9c95713a8a102f3d
File name: 07adb8253ccc6fee20940de04c1bf4a54a4455525b2ac33f9c95713a8a102f3d....
Detection ratio: 36 / 59
Analysis date: 2018-02-21 11:11:00 UTC ( 2 months ago )
Antivirus Result Update
Ad-Aware Trojan.MAC.VBA 20180221
AegisLab W97M.Gen!c 20180221
AhnLab-V3 W2KM/Downloader 20180220
Antiy-AVL Trojan/MSOffice.gen 20180221
Arcabit Trojan.MAC.VBA 20180221
Avast VBA:Downloader-DWV [Trj] 20180221
AVG VBA:Downloader-DWV [Trj] 20180221
Avira (no cloud) W2000M/Agent.6297111 20180221
AVware Trojan.OLE.Generic.a (v) 20180221
Baidu VBA.Trojan-Downloader.Agent.bae 20180208
BitDefender Trojan.MAC.VBA 20180221
CAT-QuickHeal O97M.Downloader.ZO 20180221
ClamAV Doc.Macro.Obfuscation-6360615-0 20180221
Comodo UnclassifiedMalware 20180221
Cyren PP97M/Agent 20180221
DrWeb W97M.DownLoader.1470 20180221
Emsisoft Trojan.MAC.VBA (B) 20180221
ESET-NOD32 VBA/TrojanDropper.Agent.TO 20180221
F-Prot New or modified PP97M/Agent 20180221
F-Secure Trojan.MAC.VBA 20180221
Fortinet WM/Agent.A4EF!tr 20180221
GData Trojan.MAC.VBA 20180221
Ikarus Trojan.MAC.VBA.EmPyre 20180221
Kaspersky Trojan-Downloader.VBS.Formac.a 20180221
MAX malware (ai score=100) 20180221
McAfee W97M/Downloader.bve 20180221
McAfee-GW-Edition W97M/Downloader.bve 20180221
Microsoft Trojan:O97M/Multos.A 20180221
eScan Trojan.MAC.VBA 20180221
Qihoo-360 virus.office.qexvmc.1100 20180221
Sophos AV Troj/DocDl-HFN 20180221
Symantec W97M.Downloader.M 20180221
Tencent OLE.Win32.Macro.703688 20180221
TrendMicro-HouseCall W2KM_DLOADR.YYSXV 20180221
ViRobot W97M.S.Downloader.33726 20180221
ZoneAlarm by Check Point HEUR:Trojan-Downloader.Script.Generic 20180221
Alibaba 20180216
ALYac 20180221
Avast-Mobile 20180221
Bkav 20180212
CMC 20180221
CrowdStrike Falcon (ML) 20170201
Cybereason None
Cylance 20180221
eGambit 20180221
Endgame 20180216
Sophos ML 20180121
Jiangmin 20180221
K7AntiVirus 20180221
K7GW 20180221
Kingsoft 20180221
Malwarebytes 20180221
NANO-Antivirus 20180221
nProtect 20180221
Palo Alto Networks (Known Signatures) 20180221
Panda 20180220
Rising 20180221
SentinelOne (Static ML) 20180115
SUPERAntiSpyware 20180221
Symantec Mobile Insight 20180220
TheHacker 20180219
Trustlook 20180221
VBA32 20180220
VIPRE 20180221
Webroot 20180221
WhiteArmor 20180205
Yandex 20180221
Zillya 20180220
Zoner 20180221
The file being studied follows the Open XML file format! More specifically, it is an Office Open XML Document file.
Commonly abused properties
The studied file makes use of macros. A macro is a series of commands and instructions that you group together as a single command to accomplish a task automatically. Macros are often abused to perform malicious tasks when working with a document.
Content types
xml
rels
bin
Package relationships
word/document.xml
docProps/app.xml
docProps/core.xml
Core document properties
dc:creator
rootroot root
cp:lastModifiedBy
john john
cp:revision
5
dcterms:created
2016-12-14T04:48:00Z
dcterms:modified
2016-12-21T11:03:00Z
Application document properties
Template
Normal.dotm
TotalTime
11
Pages
2
Words
498
Characters
2842
Application
Microsoft Macintosh Word
DocSecurity
0
Lines
23
Paragraphs
6
ScaleCrop
false
LinksUpToDate
false
CharactersWithSpaces
3334
SharedDoc
false
HyperlinksChanged
false
AppVersion
14.0000
Document languages
Language
Prevalence
ru-ru
2
en-us
1
ja-jp
1
ar-sa
1
ExifTool file metadata
SharedDoc
No

HyperlinksChanged
No

LinksUpToDate
No

LastModifiedBy
john john

Application
Microsoft Macintosh Word

ZipFileName
[Content_Types].xml

Template
Normal.dotm

ZipRequiredVersion
20

ModifyDate
2016:12:21 11:03:00Z

ZipCRC
0xa4f88776

Words
498

ScaleCrop
No

RevisionNumber
5

MIMEType
application/vnd.ms-word.document.macroEnabled

ZipBitFlag
0x0006

CreateDate
2016:12:14 04:48:00Z

Lines
23

AppVersion
14.0

ZipUncompressedSize
1563

ZipCompressedSize
418

Characters
2842

CharactersWithSpaces
3334

DocSecurity
None

ZipModifyDate
1980:01:01 00:00:00

FileType
DOCM

Creator
rootroot root

TotalEditTime
11 minutes

ZipCompression
Deflated

Pages
2

FileTypeExtension
docm

Paragraphs
6

The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
15
Uncompressed size
109285
Highest datetime
1980-01-01 00:00:00
Lowest datetime
1980-01-01 00:00:00
Contained files by extension
xml
11
bin
1
Contained files by type
XML
14
Microsoft Office
1
File identification
MD5 1de4838f13c49d9f959d04b363326ac1
SHA1 598ebb19bf9fbc17c0bf85ce4ece91fa061f74a6
SHA256 07adb8253ccc6fee20940de04c1bf4a54a4455525b2ac33f9c95713a8a102f3d
ssdeep
768:j3YODZ2mk3Il95WBSwQ+46zFqxaKhXNrk+AY:UuZ2mkfWu5ejb

File size 32.9 KB ( 33726 bytes )
File type Office Open XML Document
Magic literal
Zip archive data, at least v2.0 to extract

TrID Word Microsoft Office Open XML Format document (with Macro) (53.6%)
Word Microsoft Office Open XML Format document (24.2%)
Open Packaging Conventions container (18.0%)
ZIP compressed archive (4.1%)
Tags
macros docx

VirusTotal metadata
First submission 2017-01-16 18:48:58 UTC ( 1 year, 3 months ago )
Last submission 2018-02-21 11:11:00 UTC ( 2 months ago )
File names 1.docm
sample.docm
U.S. Allies and Rivals Digest Trump’s Victory - Carnegie Endowment for International Peace.docm
07adb8253ccc6fee20940de04c1bf4a54a4455525b2ac33f9c95713a8a102f3d.docx
598ebb19bf9fbc17c0bf85ce4ece91fa061f74a6_U.S. Allies and Rivals Digest Trump_s Victory - Carnegie Endowment for International Peace.doc