× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 0c69f1c4500bfe6ed8ca9c287777433efd9f495abece079f7d01751ffd9063af
File name: emotet_e1_0c69f1c4500bfe6ed8ca9c287777433efd9f495abece079f7d01751...
Detection ratio: 12 / 58
Analysis date: 2018-11-20 23:31:10 UTC ( 6 months, 1 week ago )
Antivirus Result Update
AhnLab-V3 XML/Dropper.S1 20181120
Fortinet VBA/Agent.7DA5!tr.dldr 20181120
GData Script.Trojan-Downloader.Agent.AJU 20181120
Ikarus Trojan.VBA.Agent 20181120
Kaspersky HEUR:Trojan.Script.Generic 20181120
McAfee W97M/Downloader.ft 20181120
Microsoft Trojan:O97M/Foretype.A!ml 20181120
NANO-Antivirus Trojan.Ole2.Vbs-heuristic.druvzi 20181120
Qihoo-360 virus.office.qexvmc.1075 20181120
Symantec ISB.Downloader!gen172 20181120
ZoneAlarm by Check Point HEUR:Exploit.MSOffice.Generic 20181120
Zoner Probably MacroXML 20181120
Ad-Aware 20181120
AegisLab 20181120
Alibaba 20180921
ALYac 20181120
Antiy-AVL 20181120
Arcabit 20181120
Avast 20181120
Avast-Mobile 20181120
AVG 20181120
Avira (no cloud) 20181120
Babable 20180918
Baidu 20181120
BitDefender 20181120
Bkav 20181120
CAT-QuickHeal 20181120
ClamAV 20181120
CMC 20181120
Comodo 20181120
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181120
Cyren 20181120
DrWeb 20181120
eGambit 20181120
Emsisoft 20181120
Endgame 20181108
ESET-NOD32 20181120
F-Prot 20181120
F-Secure 20181120
Sophos ML 20181108
Jiangmin 20181120
K7AntiVirus 20181120
K7GW 20181120
Kingsoft 20181120
Malwarebytes 20181120
MAX 20181120
McAfee-GW-Edition 20181120
eScan 20181120
Palo Alto Networks (Known Signatures) 20181120
Panda 20181120
Rising 20181120
SentinelOne (Static ML) 20181011
Sophos AV 20181120
SUPERAntiSpyware 20181114
Symantec Mobile Insight 20181108
TACHYON 20181120
Tencent 20181120
TheHacker 20181118
TotalDefense 20181118
TrendMicro 20181120
TrendMicro-HouseCall 20181120
Trustlook 20181120
VBA32 20181120
VIPRE 20181120
ViRobot 20181120
Webroot 20181120
Yandex 20181119
Zillya 20181119
File identification
MD5 c3f0008676a27afb316c669a955a1d99
SHA1 eac4df016c080aa2212ebf7fb3041381e0cc0f0f
SHA256 0c69f1c4500bfe6ed8ca9c287777433efd9f495abece079f7d01751ffd9063af
ssdeep
1536:EYnpJfvo6aEqQmCVnD32+1SWvySdtxO5A7v:dJfvZmCdvaktxO5A7

File size 96.7 KB ( 99045 bytes )
File type XML
Magic literal
XML document text

TrID Microsoft Office XML Flat File Format Word Document (ASCII) (65.1%)
Microsoft Office XML Flat File Format (ASCII) (31.0%)
Generic XML (ASCII) (2.3%)
HyperText Markup Language (1.4%)
Tags
xml

VirusTotal metadata
First submission 2018-11-20 23:31:10 UTC ( 6 months, 1 week ago )
Last submission 2018-11-20 23:31:10 UTC ( 6 months, 1 week ago )
File names emotet_e1_0c69f1c4500bfe6ed8ca9c287777433efd9f495abece079f7d01751ffd9063af_2018-11-20__22:56:01.doc
ExifTool file metadata
WordDocumentFontsFontPitchVal
variable

WordDocumentBodySectPRPictShapeType
#_x0000_t75

WordDocumentBodySectPRPictShapeStrokeweight
.5pt

WordDocumentBodySectPRPictShapeStyle
width:442.5pt;height:132.75pt;visibility:visible;mso-wrap-style:square

WordDocumentDocumentPropertiesCharacters
13

WordDocumentBodySectPRPictShapeSpid
_x0000_i1025

WordDocumentBodySectPRPictShapeFilled
f

WordDocumentStylesStyleNameVal
Normal

WordDocumentStylesStyleRPrLangBidi
AR-SA

WordDocumentBodySectPRPictShapetypeId
_x0000_t75

WordDocumentBodySectPRPictShapetypeLockExt
edit

MIMEType
application/xml

WordDocumentStylesStyleTblPrTblCellMarTopType
dxa

WordDocumentStylesStyleRsidVal
003B0670

WordDocumentBodySectPRPictShapetypePathConnecttype
rect

WordDocumentBgPictBackgroundBgcolor
#00AEEA

WordDocumentBodySectSectPrPgMarRight
1440

WordDocumentShapeDefaultsShapelayoutIdmapExt
edit

WordDocumentBodySectPRPictShapetypePathExtrusionok
f

WordDocumentShapeDefaultsShapedefaultsExt
edit

WordDocumentBodySectPRPictShapeId
Picture 2

WordDocumentStylesStyleTblPrTblCellMarRightType
dxa

WordDocumentFontsFontName
Times New Roman

WordDocumentBodySectPRPictShapetypeFormulasFEqn
if lineDrawn pixelLineWidth 0

WordDocumentStylesStyleTblPrTblCellMarTopW
0

WordDocumentFontsDefaultFontsCs
Times New Roman

WordDocumentBodySectPRPictShapetypeLockAspectratio
t

WordDocumentStylesStylePPrSpacingLine
259

WordDocumentDocSuppDataBinDataName
editdata.mso

WordDocumentDocPrZoomPercent
100

WordDocumentBodySectSectPrPgSzH
15840

WordDocumentFontsDefaultFontsAscii
Calibri

WordDocumentStylesStyleStyleId
Normal

WordDocumentBodySectSectPrPgSzW
12240

WordDocumentBodySectPRPictShapetypePreferrelative
t

WordDocumentStylesStylePPrSpacingAfter
160

WordDocumentShapeDefaultsShapedefaultsSpidmax
1027

WordDocumentStylesStyleTblPrTblIndType
dxa

WordDocumentDocPrRsidsRsidRootVal
005E6EE1

WordDocumentDocumentPropertiesLastSaved
2018:11:20 20:37:00Z

WordDocumentBodySectSectPrPgMarBottom
1440

WordDocumentBodySectSectPrPgMarLeft
1440

WordDocumentBodySectSectPrColsSpace
720

FileType
XML

WordDocumentDocumentPropertiesPages
1

WordDocumentShapeDefaultsShapedefaultsColormruExt
edit

WordDocumentStylesLatentStylesLsdExceptionName
Normal

WordDocumentStylesStyleTblPrTblCellMarRightW
108

WordDocumentDocPrDefaultTabStopVal
720

WordDocumentDocumentPropertiesRevision
1

WordDocumentBodySectSectPrPgMarFooter
720

WordDocumentDocumentPropertiesTotalTime
0

WordDocumentBodySectSectPrPgMarTop
1440

WordDocumentStylesStyleUiNameVal
Table Normal

WordDocumentBodySectSectPrPgMarHeader
720

WordDocumentDocumentPropertiesParagraphs
1

WordDocumentBodySectPRPictShapeTextboxTxbxContentPRsidRDefault
001445BE

WordDocumentBodySectPRRsidRPr
007B3282

WordDocumentBodySectPRsidR
005E6EE1

WordDocumentBodySectPRPictShapetypeStroked
f

WordDocumentBodySectPRPictShapetypeCoordsize
21600,21600

WordDocumentDocPrCharacterSpacingControlVal
DontCompress

WordDocumentEmbeddedObjPresent
no

WordDocumentStylesStyleRPrRFontsAscii
Tahoma

WordDocumentStylesVersionOfBuiltInStylenamesVal
7

WordDocumentIgnoreSubtreeVal
http://schemas.microsoft.com/office/word/2003/wordml/sp2

WordDocumentShapeDefaultsShapedefaultsColormruColors
#00aeea

WordDocumentStylesStyleTblPrTblCellMarBottomType
dxa

WordDocumentFontsFontCharsetVal
00

WordDocumentDocumentPropertiesLines
1

WordDocumentStylesStyleTblPrTblCellMarBottomW
0

WordDocumentStylesLatentStylesDefLockedState
off

WordDocumentDocPrRsidsRsidVal
00005EB7

WordDocumentBodySectPRPictShapetypeFilled
f

WordDocumentBodySectPRPictShapeImagedataSrc
wordml://02000001.jpg

WordDocumentBodySectPRPictShapetypeStrokeJoinstyle
miter

WordDocumentBodySectPRsidRDefault
001445BE

WordDocumentStylesStyleLinkVal
BalloonTextChar

WordDocumentStylesLatentStylesLatentStyleCount
375

WordDocumentDocPrAlwaysShowPlaceholderTextVal
off

WordDocumentBodySectPRPictShapetypePath
m@4@5l@4@11@9@11@9@5xe

WordDocumentDocumentPropertiesCreated
2018:11:20 20:37:00Z

WordDocumentDocumentPropertiesVersion
16

WordDocumentBodySectSectPrPgMarGutter
0

WordDocumentDocPrViewVal
print

WordDocumentBodySectPRPictShapeTextboxTxbxContentPRsidR
001445BE

WordDocumentDocumentPropertiesCharactersWithSpaces
14

WordDocumentBodySectPRPictShapeFillDetectmouseclick
t

WordDocumentStylesStyleTblPrTblCellMarLeftW
108

WordDocumentMacrosPresent
yes

WordDocumentFontsFontFamilyVal
Roman

WordDocumentStylesStyleRPrLangVal
EN-US

WordDocumentDocumentPropertiesWords
2

WordDocumentStylesStyleTblPrTblIndW
0

WordDocumentFontsDefaultFontsFareast
Calibri

WordDocumentStylesStyleRPrSzVal
22

FileTypeExtension
xml

WordDocumentShapeDefaultsShapelayoutIdmapData
1

WordDocumentBodySectPRPictShapetypePathGradientshapeok
t

WordDocumentStylesStyleRPrLangFareast
EN-US

WordDocumentOcxPresent
no

WordDocumentStylesStyleBasedOnVal
Normal

WordDocumentBodySectPRPictBinDataName
wordml://02000001.jpg

WordDocumentBodySectSectPrRsidR
00005EB7

WordDocumentDocPrPixelsPerInchVal
120

WordDocumentDocPrIgnoreMixedContentVal
off

WordDocumentBodySectPRPictShapetypeSpt
75

WordDocumentStylesStyleRPrFontVal
Calibri

WordDocumentStylesStyleTblPrTblCellMarLeftType
dxa

WordDocumentDocPrSaveInvalidXMLVal
off

WordDocumentStylesStyleRPrRFontsCs
Tahoma

WordDocumentStylesStyleDefault
on

WordDocumentShapeDefaultsShapelayoutExt
edit

WordDocumentStylesStyleType
paragraph

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!