× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 0f728b8f0e7ff8238f1b43649ddaeb70f580a4f4a28f9c7b187c3a27bb7f4b9b
Detection ratio: 15 / 59
Analysis date: 2017-10-20 02:54:01 UTC ( 1 year, 6 months ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.Downloader.DDE.Gen 20171020
AegisLab Troj.Downloader.Dde!c 20171020
Arcabit Trojan.Downloader.DDE.Gen 20171020
BitDefender Trojan.Downloader.DDE.Gen 20171020
ClamAV Doc.Exploit.DDEautoexec-6348842-0 20171019
Cyren ZIP/Trojan.VSHY-8 20171020
Emsisoft Trojan.Downloader.DDE.Gen (B) 20171020
ESET-NOD32 VBA/DDE.C 20171020
F-Secure Trojan.Downloader.DDE.Gen 20171020
Fortinet Malicious_Behavior.SB 20171020
GData Trojan.Downloader.DDE.Gen 20171020
Ikarus Win32.Outbreak 20171019
MAX malware (ai score=99) 20171020
eScan Trojan.Downloader.DDE.Gen 20171020
Symantec W97M.Downloader 20171019
AhnLab-V3 20171020
Alibaba 20170911
ALYac 20171020
Antiy-AVL 20171020
Avast 20171020
Avast-Mobile 20171019
AVG 20171020
Avira (no cloud) 20171019
AVware 20171020
Baidu 20171019
Bkav 20171019
CAT-QuickHeal 20171019
CMC 20171018
Comodo 20171020
CrowdStrike Falcon (ML) 20171016
Cylance 20171020
DrWeb 20171020
eGambit 20171020
Endgame 20171016
F-Prot 20171020
Sophos ML 20170914
Jiangmin 20171020
K7AntiVirus 20171019
K7GW 20171020
Kaspersky 20171020
Kingsoft 20171020
Malwarebytes 20171020
McAfee 20171020
McAfee-GW-Edition 20171019
Microsoft 20171019
NANO-Antivirus 20171020
nProtect 20171020
Palo Alto Networks (Known Signatures) 20171020
Panda 20171019
Qihoo-360 20171020
Rising 20171020
SentinelOne (Static ML) 20171019
Sophos AV 20171020
SUPERAntiSpyware 20171020
Symantec Mobile Insight 20171011
Tencent 20171020
TheHacker 20171017
TrendMicro 20171020
Trustlook 20171020
VBA32 20171019
VIPRE 20171020
ViRobot 20171019
Webroot 20171020
WhiteArmor 20171016
Yandex 20171018
Zillya 20171019
ZoneAlarm by Check Point 20171020
Zoner 20171020
The file being studied follows the Open XML file format! More specifically, it is a Office Open XML Document file.
Content types
rels
xml
Package relationships
word/document.xml
docProps/app.xml
docProps/core.xml
Core document properties
dc:creator
1
cp:lastModifiedBy
1
cp:revision
88
dcterms:created
2017-10-18T12:30:00Z
dcterms:modified
2017-10-19T18:26:00Z
Application document properties
Template
Normal.dotm
TotalTime
359
Pages
2
Words
34
Characters
199
Application
Microsoft Office Word
DocSecurity
0
Lines
1
Paragraphs
1
ScaleCrop
false
vt:lpstr
\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435
vt:i4
1
LinksUpToDate
false
CharactersWithSpaces
232
SharedDoc
false
HyperlinksChanged
false
AppVersion
16.0000
Document languages
Language
Prevalence
ru-ru
3
en-us
2
ar-sa
1
ExifTool file metadata
SharedDoc
No

HyperlinksChanged
No

LinksUpToDate
No

LastModifiedBy
1

HeadingPairs
, 1

ZipFileName
[Content_Types].xml

Template
Normal.dotm

ZipRequiredVersion
20

ModifyDate
2017:10:19 18:26:00Z

ZipCRC
0x6cd2a4df

Words
34

ScaleCrop
No

RevisionNumber
88

MIMEType
application/vnd.openxmlformats-officedocument.wordprocessingml.document

ZipBitFlag
0x0006

CreateDate
2017:10:18 12:30:00Z

Lines
1

AppVersion
16.0

ZipUncompressedSize
1312

ZipCompressedSize
346

Characters
199

CharactersWithSpaces
232

DocSecurity
None

ZipModifyDate
1980:01:01 00:00:00

FileType
DOCX

Application
Microsoft Office Word

TotalEditTime
6.0 hours

ZipCompression
Deflated

Pages
2

Creator
1

FileTypeExtension
docx

Paragraphs
1

The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
11
Uncompressed size
57212
Highest datetime
2017-10-19 21:28:12
Lowest datetime
1980-01-01 00:00:00
Contained files by extension
xml
9
Contained files by type
XML
11
File identification
MD5 f5564925dd68e23672d898e0a590340e
SHA1 232a82c3b112925372b009f988ff8ffc6f7b6d6a
SHA256 0f728b8f0e7ff8238f1b43649ddaeb70f580a4f4a28f9c7b187c3a27bb7f4b9b
ssdeep
192:CtNCljUDc5j9zJCvaNnnAo3keqy07Pn7k6p3GlWZmTOeKFKxuL:aNcjmcx1CwH3R/07Pv/UTtKFK0L

File size 13.1 KB ( 13368 bytes )
File type Office Open XML Document
Magic literal
Zip archive data, at least v2.0 to extract

TrID Word Microsoft Office Open XML Format document (51.0%)
Open Packaging Conventions container (38.0%)
ZIP compressed archive (8.6%)
PrintFox/Pagefox bitmap (var. P) (2.1%)
Tags
docx attachment

VirusTotal metadata
First submission 2017-10-19 19:04:25 UTC ( 1 year, 6 months ago )
Last submission 2018-05-14 00:04:05 UTC ( 11 months, 1 week ago )
File names DC000222.doc
DC000764.doc
localfile~
DC000811.doc
DC00075360.doc
DC00084382.doc
DC00097418.doc
b6eb138ac55d2471faccbe24da20ba52b0523872
DDE.DOCX
DC0004360.doc
DC000725.doc
DC000631.doc
DC00066129.doc
1.docx
DC000590.doc
DC00075775.doc
DC0006082.doc
DC0009777.doc
DC0003870.doc
DC000689.doc
DC00069999.doc
DC0008123.doc
DC000623.doc
DC000629.doc
DC00065619.doc
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!