| SHA256: | 0997950f4e799b62a616a8c17d3e685543ac7232ae31f7b8864350bf78c53b90 |
| File name: | 67ec9375133fedb7c67cf136f0d9ac058d610bc7 |
| Detection ratio: | 7 / 59 |
| Analysis date: | 2017-09-07 11:03:05 UTC ( 1 year, 5 months ago ) View latest |
| Antivirus | Result | Update |
|---|---|---|
| Baidu | VBA.Trojan-Downloader.Agent.byb | 20170907 |
| Fortinet | WM/Agent.Q!tr | 20170907 |
| Kaspersky | HEUR:Trojan.Script.Agent.gen | 20170907 |
| Rising | Macro.Agent.dx (classic) | 20170901 |
| Sophos AV | Troj/DocDl-KHD | 20170907 |
| Tencent | Macro.Trojan.Dropperx.Auto | 20170907 |
| ZoneAlarm by Check Point | HEUR:Trojan-Downloader.Script.Generic | 20170907 |
| Ad-Aware | 20170907 | |
| AegisLab | 20170907 | |
| AhnLab-V3 | 20170907 | |
| Alibaba | 20170907 | |
| ALYac | 20170907 | |
| Antiy-AVL | 20170907 | |
| Arcabit | 20170907 | |
| Avast | 20170907 | |
| AVG | 20170907 | |
| Avira (no cloud) | 20170907 | |
| AVware | 20170906 | |
| BitDefender | 20170907 | |
| Bkav | 20170907 | |
| CAT-QuickHeal | 20170906 | |
| ClamAV | 20170907 | |
| CMC | 20170902 | |
| Comodo | 20170907 | |
| CrowdStrike Falcon (ML) | 20170804 | |
| Cylance | 20170907 | |
| Cyren | 20170907 | |
| DrWeb | 20170907 | |
| Emsisoft | 20170907 | |
| Endgame | 20170821 | |
| ESET-NOD32 | 20170907 | |
| F-Prot | 20170907 | |
| F-Secure | 20170907 | |
| GData | 20170907 | |
| Ikarus | 20170907 | |
| Sophos ML | 20170822 | |
| Jiangmin | 20170907 | |
| K7AntiVirus | 20170907 | |
| K7GW | 20170907 | |
| Kingsoft | 20170907 | |
| Malwarebytes | 20170907 | |
| MAX | 20170907 | |
| McAfee | 20170907 | |
| McAfee-GW-Edition | 20170907 | |
| Microsoft | 20170907 | |
| eScan | 20170907 | |
| NANO-Antivirus | 20170907 | |
| nProtect | 20170907 | |
| Palo Alto Networks (Known Signatures) | 20170907 | |
| Panda | 20170906 | |
| Qihoo-360 | 20170907 | |
| SentinelOne (Static ML) | 20170806 | |
| SUPERAntiSpyware | 20170907 | |
| Symantec | 20170907 | |
| Symantec Mobile Insight | 20170907 | |
| TheHacker | 20170904 | |
| TotalDefense | 20170907 | |
| TrendMicro | 20170907 | |
| TrendMicro-HouseCall | 20170907 | |
| Trustlook | 20170907 | |
| VBA32 | 20170906 | |
| VIPRE | 20170907 | |
| ViRobot | 20170907 | |
| Webroot | 20170907 | |
| WhiteArmor | 20170829 | |
| Yandex | 20170906 | |
| Zillya | 20170907 | |
| Zoner | 20170907 |
The file being studied follows the Compound Document File format!
More specifically, it is a MS Word Document file.
Commonly abused properties
The studied file makes use of macros, a macro is a series of commands
and instructions that you group together as a single command to accomplish a task automatically.
Macros are often abused to perform malicious tasks when working with a document.
May try to run other files, shell commands or applications.
Summary
last_author
Longer
creation_datetime
2017-09-07 08:52:00
revision_number
36
author
Longer
page_count
1
last_saved
2017-09-07 09:45:00
edit_time
1680
template
Normal.dotm
application_name
Microsoft Office Word
character_count
1
code_page
Latin I
Document summary
line_count
1
company
diakov.net
characters_with_spaces
1
version
786432
paragraph_count
1
code_page
Latin I
OLE Streams
Macros and VBA code streams
ExifTool file metadata
SharedDoc
No
Author
Longer
HyperlinksChanged
No
System
Windows
LinksUpToDate
No
LastModifiedBy
Longer
HeadingPairs
Title, 1
Identification
Word 8.0
Template
Normal.dotm
CharCountWithSpaces
1
Word97
No
LanguageCode
English (US)
CompObjUserType
Microsoft Office Word 97-2003 Document
ModifyDate
2017:09:07 08:45:00
Company
diakov.net
Characters
1
CodePage
Windows Latin 1 (Western European)
RevisionNumber
36
MIMEType
application/msword
Words
0
CreateDate
2017:09:07 07:52:00
Lines
1
AppVersion
12.0
Security
None
Software
Microsoft Office Word
FileType
DOC
TotalEditTime
28.0 minutes
Pages
1
ScaleCrop
No
CompObjUserTypeLen
39
FileTypeExtension
doc
Paragraphs
1
DocFlags
Has picture, 1Table, ExtChar
Compressed bundles
File identification
MD5 e359f0e14e600d3911bdc2a8ecbc439a
SHA1 67ec9375133fedb7c67cf136f0d9ac058d610bc7
SHA256 0997950f4e799b62a616a8c17d3e685543ac7232ae31f7b8864350bf78c53b90
ssdeep
1536:ZFvkdZjNwz1nndj64wMxW4S96UjkH4vHW+K6kGILJvRCsrv99:ZFcfNwJMW4399nHnkLLJ5Ckv
File size
100.5 KB ( 102912 bytes )
File type MS Word Document
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1252, Author: Longer, Template: Normal.dotm, Last Saved By: Longer, Revision Number: 36, Name of Creating Application: Microsoft Office Word, Total Editing Time: 28:00, Create Time/Date: Wed Sep 06 07:52:00 2017, Last Saved Time/Date: Wed Sep 06 08:45:00 2017, Number of Pages: 1, Number of Words: 0, Number of Characters: 1, Security: 0
| TrID |
Microsoft Word document (80.0%) Generic OLE2 / Multistream Compound File (20.0%) |
Tags
macros
run-file
attachment
doc
VirusTotal metadata
First submission
2017-09-07 11:03:05 UTC ( 1 year, 5 months ago )
Last submission
2017-09-15 11:36:25 UTC ( 1 year, 5 months ago )
| File names |
67ec9375133fedb7c67cf136f0d9ac058d610bc7 =?UTF-8?B?cm95YWxiYW5rMTI4NzY0NTQ3MzRfNTIzNS5kb2M=?= royalbank12876454734_5235.doc |
No comments.
No VirusTotal Community member has commented on this item yet, be the first one to do so!
You have not signed in. Only registered users can leave comments, sign in and have a voice!
No votes.
No one has voted on this item yet, be the first one to do so!