× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1b0ce25f3a4de9badc6ddb52004bf106986a739d22feb9b0915f952dc8ad6348
File name: Payment Copy.docx
Detection ratio: 25 / 60
Analysis date: 2018-11-18 19:13:17 UTC ( 2 months, 4 weeks ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.31343150 20181118
AhnLab-V3 XML/Dloader 20181118
Arcabit Trojan.Generic.D1DE422E 20181118
Avira (no cloud) EXP/W97M.Agent.avizo 20181118
Baidu MSWord.Exploit.CVE-2017-0199.a 20181116
BitDefender Trojan.GenericKD.31343150 20181118
Cyren Trojan.MJBT-6 20181118
Emsisoft Trojan.GenericKD.31343150 (B) 20181118
ESET-NOD32 a variant of Generik.IHKYWYY 20181118
F-Secure Trojan.GenericKD.31343150 20181118
GData Trojan.GenericKD.31343150 20181118
Ikarus Exploit.W97M.Agent 20181118
Kaspersky HEUR:Exploit.MSOffice.Generic 20181118
McAfee-GW-Edition Artemis!Trojan 20181118
Microsoft Trojan:Win32/Sonoko.A!ms 20181118
eScan Trojan.GenericKD.31343150 20181118
NANO-Antivirus Exploit.Xml.CVE-2017-0199.equmby 20181118
Qihoo-360 Win32/Trojan.Exploit.ed7 20181118
Sophos AV Troj/DocDl-QIV 20181118
Tencent Win32.Trojan.Autoit.Auto 20181118
TrendMicro Trojan.O97M.RELSLOADR.A 20181118
TrendMicro-HouseCall Trojan.O97M.RELSLOADR.A 20181118
ViRobot DOC.Z.Agent.176482 20181118
ZoneAlarm by Check Point HEUR:Exploit.MSOffice.Generic 20181118
Zoner Probably W97OleLink 20181118
AegisLab 20181118
Alibaba 20180921
ALYac 20181118
Antiy-AVL 20181118
Avast 20181118
Avast-Mobile 20181118
AVG 20181118
Babable 20180918
Bkav 20181116
CAT-QuickHeal 20181118
ClamAV 20181118
CMC 20181118
Comodo 20181118
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181118
DrWeb 20181118
eGambit 20181118
Endgame 20181108
F-Prot 20181118
Fortinet 20181118
Sophos ML 20181108
Jiangmin 20181118
K7AntiVirus 20181118
K7GW 20181118
Kingsoft 20181118
Malwarebytes 20181118
MAX 20181118
McAfee 20181118
Palo Alto Networks (Known Signatures) 20181118
Panda 20181118
Rising 20181118
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181114
Symantec 20181118
Symantec Mobile Insight 20181108
TACHYON 20181118
TheHacker 20181118
TotalDefense 20181118
Trustlook 20181118
VBA32 20181116
Webroot 20181118
Yandex 20181116
Zillya 20181116
The file being studied follows the Open XML file format! More specifically, it is a Office Open XML Document file.
Content types
rels
xml
jpeg
Package relationships
word/document.xml
docProps/app.xml
docProps/core.xml
Core document properties
dc:creator
Windows User
cp:lastModifiedBy
Richard
cp:revision
2
dcterms:created
2018-11-05T12:18:00Z
dcterms:modified
2018-11-05T12:18:00Z
Application document properties
Template
template.dotx
TotalTime
0
Pages
1
Words
0
Characters
1
Application
Microsoft Office Word
DocSecurity
0
Lines
1
Paragraphs
1
ScaleCrop
false
vt:lpstr
Title
vt:i4
1
LinksUpToDate
false
CharactersWithSpaces
1
SharedDoc
false
HyperlinksChanged
false
AppVersion
15.0000
Document languages
Language
Prevalence
en-us
2
ar-sa
1
ExifTool file metadata
SharedDoc
No

HyperlinksChanged
No

LinksUpToDate
No

LastModifiedBy
Richard

HeadingPairs
Title, 1

ZipFileName
[Content_Types].xml

Template
template.dotx

ZipRequiredVersion
20

ModifyDate
2018:11:05 12:18:00Z

ZipCRC
0x2ea8411c

Words
0

ScaleCrop
No

RevisionNumber
2

MIMEType
application/vnd.openxmlformats-officedocument.wordprocessingml.document

ZipBitFlag
0x0006

CreateDate
2018:11:05 12:18:00Z

Lines
1

AppVersion
15.0

ZipUncompressedSize
1364

ZipCompressedSize
351

Characters
1

CharactersWithSpaces
1

DocSecurity
None

ZipModifyDate
1980:01:01 00:00:00

FileType
DOCX

Application
Microsoft Office Word

TotalEditTime
0

ZipCompression
Deflated

Pages
1

Creator
Windows User

FileTypeExtension
docx

Paragraphs
1

The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
13
Uncompressed size
213706
Highest datetime
1980-01-01 00:00:00
Lowest datetime
1980-01-01 00:00:00
Contained files by extension
xml
9
Contained files by type
XML
12
JPG
1
File identification
MD5 a52d0271188fe74b69606074af13b828
SHA1 b1b59e300789f0eaa4d78381fd767548e14582bf
SHA256 1b0ce25f3a4de9badc6ddb52004bf106986a739d22feb9b0915f952dc8ad6348
ssdeep
3072:f7lL2mrdFADYhDFc8rpKSvNYbWRDzUyRBelYc3nTMSFm9d+tlKODA2Sp:f7lCAdFkYhDFBxvqyRmTMSFmfSDm

File size 172.3 KB ( 176482 bytes )
File type Office Open XML Document
Magic literal
Zip archive data, at least v2.0 to extract

TrID Word Microsoft Office Open XML Format document (51.0%)
Open Packaging Conventions container (38.0%)
ZIP compressed archive (8.6%)
PrintFox/Pagefox bitmap (var. P) (2.1%)
Tags
docx exploit cve-2017-0199

VirusTotal metadata
First submission 2018-11-06 01:21:35 UTC ( 3 months, 1 week ago )
Last submission 2018-11-06 01:21:35 UTC ( 3 months, 1 week ago )
File names payment.docx
Payment Copy.docx
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!