× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 0b800d68629d09e457b01770eecec25262850047290199e5946098441e93720e
File name: DOC52529.doc
Detection ratio: 16 / 58
Analysis date: 2019-02-14 16:58:45 UTC ( 1 month ago ) View latest
Antivirus Result Update
Ad-Aware VB:Trojan.Agent.DPLX 20190214
Avast Script:SNH-gen [Trj] 20190214
AVG Script:SNH-gen [Trj] 20190214
BitDefender VB:Trojan.Agent.DPLX 20190214
ESET-NOD32 VBA/TrojanDownloader.Agent.MRP 20190214
Fortinet VBA/Agent.MPF!tr.dldr 20190214
GData Generic.Trojan.Agent.AKQ@susp 20190214
Ikarus Trojan.VBA.Agent 20190214
K7AntiVirus Trojan ( 005464381 ) 20190214
K7GW Trojan ( 005464381 ) 20190214
McAfee W97M/Downloader.cqc 20190214
McAfee-GW-Edition W97M/Downloader.cqc 20190214
eScan VB:Trojan.Agent.DPLX 20190214
Symantec ISB.Downloader!gen92 20190214
ZoneAlarm by Check Point HEUR:Trojan-Downloader.Script.Generic 20190214
Zoner Probably MacroXML 20190214
Acronis 20190213
AegisLab 20190214
AhnLab-V3 20190214
Alibaba 20180921
ALYac 20190214
Antiy-AVL 20190214
Arcabit 20190213
Avast-Mobile 20190214
Avira (no cloud) 20190214
Babable 20180918
Baidu 20190202
Bkav 20190214
CAT-QuickHeal 20190214
ClamAV 20190214
CMC 20190214
Comodo 20190214
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190214
Cyren 20190214
DrWeb 20190214
eGambit 20190214
Emsisoft 20190214
Endgame 20181108
F-Prot 20190214
F-Secure 20190214
Sophos ML 20181128
Jiangmin 20190214
Kaspersky 20190214
Kingsoft 20190214
Malwarebytes 20190214
MAX 20190214
Microsoft 20190214
NANO-Antivirus 20190214
Palo Alto Networks (Known Signatures) 20190214
Panda 20190214
Qihoo-360 20190214
Rising 20190214
SentinelOne (Static ML) 20190203
Sophos AV 20190214
SUPERAntiSpyware 20190213
Symantec Mobile Insight 20190207
TACHYON 20190214
Tencent 20190214
TheHacker 20190212
TotalDefense 20190214
Trapmine 20190123
TrendMicro 20190214
TrendMicro-HouseCall 20190214
Trustlook 20190214
VBA32 20190214
VIPRE 20190214
ViRobot 20190214
Webroot 20190214
Yandex 20190213
Zillya 20190213
File identification
MD5 bb1b46bde4ff9002fc00e87c4767f147
SHA1 0d675b918d5231384e37c527cff85a93c34de0e3
SHA256 0b800d68629d09e457b01770eecec25262850047290199e5946098441e93720e
ssdeep
6144:BuQUQNrSA3hifBq7JwMzSVIhl9EKRDqME4yanMjdn/NQVg+D3Do8oRtxQwvVAJTj:BzUvA3hfw8SVIf51E4K14o8IuJ

File size 471.5 KB ( 482857 bytes )
File type XML
Magic literal
XML document text

TrID Microsoft Office XML Flat File Format Word Document (ASCII) (65.1%)
Microsoft Office XML Flat File Format (ASCII) (31.0%)
Generic XML (ASCII) (2.3%)
HyperText Markup Language (1.4%)
Tags
xml

VirusTotal metadata
First submission 2019-02-14 16:58:45 UTC ( 1 month ago )
Last submission 2019-02-15 08:40:09 UTC ( 1 month ago )
File names DOC52529.doc
INSTR4990027238462228.doc
FILEW27252144.doc
51705715380682.doc
FILE2918.doc
FILE5709828325.doc
FILE143646989.doc
DOCC659694.doc
INVK70262337.doc
N21579079369796507414.doc
PAY0138056257574826792.doc
ExifTool file metadata
WordDocumentFontsFontPitchVal
variable

WordDocumentBodySectPRPictShapeType
#_x0000_t75

WordDocumentBodySectPRPictShapeStyle
width:468pt;height:349.5pt;visibility:visible;mso-wrap-style:square

WordDocumentDocumentPropertiesCharacters
1

WordDocumentBodySectSectPrPgMarBottom
1440

WordDocumentStylesStyleNameVal
Normal

WordDocumentStylesStyleRPrLangBidi
AR-SA

WordDocumentBodySectPRPictShapetypeId
_x0000_t75

MIMEType
application/xml

WordDocumentStylesStyleTblPrTblCellMarTopType
dxa

WordDocumentBodySectPRPictShapeSpid
_x0000_i1025

WordDocumentStylesStyleRsidVal
005A24B1

WordDocumentBodySectPRPictShapetypePathConnecttype
rect

WordDocumentBodySectSectPrPgMarRight
1440

WordDocumentShapeDefaultsShapelayoutIdmapExt
edit

WordDocumentBodySectPRPictShapetypePathExtrusionok
f

WordDocumentShapeDefaultsShapedefaultsExt
edit

WordDocumentBodySectPRPictShapeId
Picture 1

WordDocumentStylesStyleTblPrTblCellMarRightType
dxa

WordDocumentFontsFontName
Times New Roman

WordDocumentBodySectPRPictShapetypeFormulasFEqn
if lineDrawn pixelLineWidth 0

WordDocumentStylesStyleTblPrTblCellMarTopW
0

WordDocumentFontsDefaultFontsCs
Times New Roman

WordDocumentBodySectPRPictShapetypeLockAspectratio
t

WordDocumentStylesStylePPrSpacingLine
259

WordDocumentDocSuppDataBinDataName
H7394_9_

WordDocumentDocPrZoomPercent
100

WordDocumentBodySectSectPrPgSzH
15840

WordDocumentFontsDefaultFontsAscii
Calibri

WordDocumentStylesStyleStyleId
Normal

WordDocumentBodySectSectPrPgSzW
12240

WordDocumentBodySectPRPictShapetypePreferrelative
t

WordDocumentStylesStylePPrSpacingAfter
160

WordDocumentOcxPresent
no

WordDocumentStylesStyleTblPrTblIndType
dxa

WordDocumentDocPrRsidsRsidRootVal
005E6EE1

WordDocumentDocumentPropertiesLastSaved
2019:02:14 15:22:00Z

WordDocumentBodySectPRPictShapetypeLockExt
edit

WordDocumentBodySectSectPrPgMarLeft
1440

WordDocumentBodySectSectPrColsSpace
720

FileType
XML

WordDocumentDocumentPropertiesPages
1

WordDocumentStylesLatentStylesLsdExceptionName
Normal

WordDocumentStylesStyleTblPrTblCellMarRightW
108

WordDocumentDocPrDefaultTabStopVal
720

WordDocumentDocumentPropertiesRevision
1

WordDocumentBodySectSectPrPgMarFooter
720

WordDocumentDocumentPropertiesTotalTime
0

WordDocumentBodySectSectPrPgMarTop
1440

WordDocumentStylesStyleUiNameVal
Table Normal

WordDocumentBodySectSectPrPgMarHeader
720

WordDocumentDocumentPropertiesParagraphs
1

WordDocumentBodySectPRRsidRPr
002E0C6F

WordDocumentBodySectPRsidR
005E6EE1

WordDocumentBodySectPRPictShapetypeStroked
f

WordDocumentBodySectPRPictShapetypeCoordsize
21600,21600

WordDocumentDocPrCharacterSpacingControlVal
DontCompress

WordDocumentEmbeddedObjPresent
no

WordDocumentStylesStyleRPrRFontsAscii
Tahoma

WordDocumentStylesVersionOfBuiltInStylenamesVal
7

WordDocumentIgnoreSubtreeVal
http://schemas.microsoft.com/office/word/2003/wordml/sp2

WordDocumentBodySectPRPictBinData
(Binary data 366950 bytes, use -b option to extract)

WordDocumentStylesStyleTblPrTblCellMarBottomType
dxa

WordDocumentFontsFontCharsetVal
00

WordDocumentDocumentPropertiesLines
1

WordDocumentStylesStyleTblPrTblCellMarBottomW
0

WordDocumentStylesLatentStylesDefLockedState
off

WordDocumentDocPrRsidsRsidVal
005A24B1

WordDocumentBodySectPRPictShapetypeFilled
f

WordDocumentBodySectPRPictShapeImagedataSrc
wordml://P5079___.L7913956.w__1_4

WordDocumentBodySectPRPictShapetypeStrokeJoinstyle
miter

WordDocumentDocumentPropertiesCharactersWithSpaces
1

WordDocumentStylesStyleLinkVal
BalloonTextChar

WordDocumentStylesLatentStylesLatentStyleCount
375

WordDocumentDocPrAlwaysShowPlaceholderTextVal
off

WordDocumentBodySectPRPictShapetypePath
m@4@5l@4@11@9@11@9@5xe

WordDocumentDocumentPropertiesCreated
2019:02:14 15:22:00Z

WordDocumentStylesStyleRPrRFontsCs
Tahoma

WordDocumentBodySectSectPrPgMarGutter
0

WordDocumentDocPrViewVal
print

WordDocumentBodySectPRsidRDefault
00A677FE

WordDocumentDocSuppDataBinData
(Binary data 88174 bytes, use -b option to extract)

WordDocumentStylesStyleTblPrTblCellMarLeftW
108

WordDocumentMacrosPresent
yes

WordDocumentFontsFontFamilyVal
Roman

WordDocumentStylesStyleRPrLangVal
EN-US

WordDocumentDocumentPropertiesWords
0

WordDocumentStylesStyleTblPrTblIndW
0

WordDocumentFontsDefaultFontsFareast
Calibri

WordDocumentStylesStyleRPrSzVal
22

FileTypeExtension
xml

WordDocumentShapeDefaultsShapelayoutExt
edit

WordDocumentBodySectPRPictShapetypePathGradientshapeok
t

WordDocumentStylesStyleRPrLangFareast
EN-US

WordDocumentShapeDefaultsShapedefaultsSpidmax
1026

WordDocumentStylesStyleBasedOnVal
Normal

WordDocumentBodySectPRPictBinDataName
wordml://P5079___.L7913956.w__1_4

WordDocumentBodySectSectPrRsidR
005E6EE1

WordDocumentDocPrPixelsPerInchVal
120

WordDocumentDocPrIgnoreMixedContentVal
off

WordDocumentBodySectPRPictShapetypeSpt
75

WordDocumentStylesStyleRPrFontVal
Calibri

WordDocumentStylesStyleTblPrTblCellMarLeftType
dxa

WordDocumentDocPrSaveInvalidXMLVal
off

WordDocumentDocumentPropertiesVersion
16

WordDocumentStylesStyleDefault
on

WordDocumentShapeDefaultsShapelayoutIdmapData
1

WordDocumentStylesStyleType
paragraph

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!