× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 0d476a980cdc0181bb7bbe11d8dc646b5fcb2051183cea70d29b5f5092b6e00b
File name: .
Detection ratio: 25 / 56
Analysis date: 2018-11-01 16:27:23 UTC ( 3 months, 3 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Exploit.RTF-ObfsStrm.Gen 20181101
AhnLab-V3 RTF/Malform-A.Gen 20181101
Antiy-AVL Trojan[Exploit]/RTF.CVE-2017-0199 20181101
Arcabit Exploit.RTF-ObfsStrm.Gen 20181101
Avira (no cloud) EXP/CVE-2017-0199.Gen 20181101
Baidu Win32.Exploit.CVE-2017-0199.g 20181101
BitDefender Exploit.RTF-ObfsStrm.Gen 20181101
CAT-QuickHeal Exp.RTF.CVE-2017-0199.AL 20181031
DrWeb Exploit.Rtf.CVE2012-0158 20181101
Emsisoft Exploit.RTF-ObfsStrm.Gen (B) 20181101
ESET-NOD32 Win32/Exploit.Agent.MY 20181101
F-Secure Exploit.RTF-ObfsStrm.Gen 20181101
GData Script.Exploit.CVE-2017-0199.A 20181101
Ikarus Exploit.CVE-2017-8570 20181101
Kaspersky HEUR:Exploit.MSOffice.Generic 20181101
MAX malware (ai score=84) 20181101
eScan Exploit.RTF-ObfsStrm.Gen 20181101
NANO-Antivirus Exploit.Rtf.Heuristic-rtf.dinbqn 20181101
Qihoo-360 susp.rtf.objupdate.c 20181101
TACHYON Suspicious/RTF.Obfus.Gen 20181101
Tencent Office.Exploit.Generic.Hrfd 20181101
TrendMicro Trojan.Win32.CVE201711882.SMA 20181101
TrendMicro-HouseCall Trojan.Win32.CVE201711882.SMA 20181101
ZoneAlarm by Check Point HEUR:Exploit.MSOffice.Generic 20181101
Zoner Probably RTFBadSpacing 20181101
AegisLab 20181101
Alibaba 20180921
ALYac 20181101
Avast 20181101
Avast-Mobile 20181101
AVG 20181101
Babable 20180918
Bkav 20181101
ClamAV 20181101
CMC 20181101
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181101
Cyren 20181101
eGambit 20181101
Endgame 20180730
F-Prot 20181101
Fortinet 20181101
Sophos ML 20180717
Jiangmin 20181101
K7AntiVirus 20181101
K7GW 20181101
Kingsoft 20181101
Malwarebytes 20181101
McAfee 20181101
McAfee-GW-Edition 20181101
Microsoft 20181101
Palo Alto Networks (Known Signatures) 20181101
Panda 20181101
Rising 20181101
SentinelOne (Static ML) 20181011
Sophos AV 20181101
SUPERAntiSpyware 20181031
Symantec 20181101
Symantec Mobile Insight 20181030
TheHacker 20181031
TotalDefense 20181101
Trustlook 20181101
VBA32 20181101
ViRobot 20181101
Webroot 20181101
Yandex 20181101
Zillya 20181101
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters
0
Embedded drawings
0
Rtf header
rtv0
Longest hex string
1823
Read only protection
False
User protection
False
Default character set
ANSI (default)
Custom xml data properties
0
Dos stubs
0
Objects
OLE autolink (\'57\'6f\'72\'64.Document.8)
Embedded pictures
0
Default languages
English - United States, Arabic - Saudi Arabia, Chinese - People's Republic of China
File identification
MD5 2681f90bc90eb422c19494362abb5e0b
SHA1 d5ab6cf75d342450d607498bbfbf3912e2a8a5ce
SHA256 0d476a980cdc0181bb7bbe11d8dc646b5fcb2051183cea70d29b5f5092b6e00b
ssdeep
48:W/+zc3wDV/CQEEcU5HVEglNFb4Sn0v2e86nm:W/cxDV/Cy53brnIR86nm

File size 42.4 KB ( 43461 bytes )
File type Rich Text Format
Magic literal
data

TrID Unknown!
Tags
rtf cve-2017-11882 cve-2017-8570 exploit ole-autolink cve-2017-0199

VirusTotal metadata
First submission 2018-11-01 16:27:23 UTC ( 3 months, 3 weeks ago )
Last submission 2018-11-16 05:27:19 UTC ( 3 months, 1 week ago )
File names Ice.doc
.
2681f90bc90eb422c19494362abb5e0b
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!