× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 2036453918e928f3a1931c5554c2e0167bd2fce399f76f090e4ba3bd2bedd72f
File name: logmein_pro_receipt.xls
Detection ratio: 0 / 57
Analysis date: 2015-02-25 09:31:26 UTC ( 2 years, 4 months ago ) View latest
Antivirus Result Update
Ad-Aware 20150225
AegisLab 20150225
Yandex 20150224
AhnLab-V3 20150225
Alibaba 20150225
ALYac 20150225
Antiy-AVL 20150225
Avast 20150225
AVG 20150225
Avira (no cloud) 20150225
AVware 20150225
Baidu-International 20150225
BitDefender 20150225
Bkav 20150225
ByteHero 20150225
CAT-QuickHeal 20150225
ClamAV 20150225
CMC 20150223
Comodo 20150225
Cyren 20150225
DrWeb 20150225
Emsisoft 20150225
ESET-NOD32 20150225
F-Prot 20150225
F-Secure 20150225
Fortinet 20150225
GData 20150225
Ikarus 20150225
Jiangmin 20150224
K7AntiVirus 20150225
K7GW 20150225
Kaspersky 20150225
Kingsoft 20150225
Malwarebytes 20150225
McAfee 20150225
McAfee-GW-Edition 20150225
Microsoft 20150225
eScan 20150225
NANO-Antivirus 20150225
Norman 20150225
nProtect 20150225
Panda 20150224
Qihoo-360 20150225
Rising 20150224
Sophos 20150225
SUPERAntiSpyware 20150225
Symantec 20150225
Tencent 20150225
TheHacker 20150225
TotalDefense 20150224
TrendMicro 20150225
TrendMicro-HouseCall 20150225
VBA32 20150225
VIPRE 20150225
ViRobot 20150225
Zillya 20150224
Zoner 20150223
The file being studied follows the Compound Document File format! More specifically, it is a MS Excel Spreadsheet file.
Commonly abused properties
The studied file makes use of macros, a macro is a series of commands and instructions that you group together as a single command to accomplish a task automatically. Macros are often abused to perform malicious tasks when working with a document.
May read system environment variables.
May try to run other files, shell commands or applications.
May execute code from Dynamically Linked Libraries.
May try to download additional files from the Internet.
Summary
last_author
1
creation_datetime
1996-10-09 00:32:33
author
Microsoft Corporation
last_saved
2015-01-22 06:47:28
application_name
Microsoft Excel
code_page
Cyrillic
Document summary
version
730895
code_page
Cyrillic
OLE Streams
name
Root Entry
clsid
00020820-0000-0000-c000-000000000046
type_literal
root
clsid_literal
MS Excel
sid
0
size
30272
type_literal
stream
size
104
name
\x01CompObj
sid
35
type_literal
stream
size
256
name
\x05DocumentSummaryInformation
sid
34
type_literal
stream
size
220
name
\x05SummaryInformation
sid
33
type_literal
stream
size
4372
name
Workbook
sid
1
type_literal
stream
size
1119
name
_VBA_PROJECT_CUR/PROJECT
sid
32
type_literal
stream
size
365
name
_VBA_PROJECT_CUR/PROJECTwm
sid
31
type_literal
stream
size
1023
type
macro (only attributes)
name
_VBA_PROJECT_CUR/VBA/Class1
sid
10
type_literal
stream
size
1024
type
macro (only attributes)
name
_VBA_PROJECT_CUR/VBA/Class10
sid
26
type_literal
stream
size
1023
type
macro (only attributes)
name
_VBA_PROJECT_CUR/VBA/Class2
sid
11
type_literal
stream
size
1023
type
macro (only attributes)
name
_VBA_PROJECT_CUR/VBA/Class3
sid
12
type_literal
stream
size
1023
type
macro (only attributes)
name
_VBA_PROJECT_CUR/VBA/Class4
sid
16
type_literal
stream
size
1023
type
macro (only attributes)
name
_VBA_PROJECT_CUR/VBA/Class5
sid
17
type_literal
stream
size
1023
type
macro (only attributes)
name
_VBA_PROJECT_CUR/VBA/Class6
sid
18
type_literal
stream
size
1023
type
macro (only attributes)
name
_VBA_PROJECT_CUR/VBA/Class7
sid
22
type_literal
stream
size
1023
type
macro (only attributes)
name
_VBA_PROJECT_CUR/VBA/Class8
sid
24
type_literal
stream
size
1023
type
macro (only attributes)
name
_VBA_PROJECT_CUR/VBA/Class9
sid
25
type_literal
stream
size
2660
type
macro
name
_VBA_PROJECT_CUR/VBA/Module1
sid
13
type_literal
stream
size
1051
type
macro (only attributes)
name
_VBA_PROJECT_CUR/VBA/Module2
sid
23
type_literal
stream
size
5709
name
_VBA_PROJECT_CUR/VBA/_VBA_PROJECT
sid
27
type_literal
stream
size
2472
name
_VBA_PROJECT_CUR/VBA/__SRP_0
sid
29
type_literal
stream
size
296
name
_VBA_PROJECT_CUR/VBA/__SRP_1
sid
30
type_literal
stream
size
103
name
_VBA_PROJECT_CUR/VBA/__SRP_4
sid
6
type_literal
stream
size
408
name
_VBA_PROJECT_CUR/VBA/__SRP_5
sid
5
type_literal
stream
size
112
name
_VBA_PROJECT_CUR/VBA/__SRP_6
sid
15
type_literal
stream
size
344
name
_VBA_PROJECT_CUR/VBA/__SRP_7
sid
14
type_literal
stream
size
240
name
_VBA_PROJECT_CUR/VBA/__SRP_8
sid
21
type_literal
stream
size
554
name
_VBA_PROJECT_CUR/VBA/__SRP_9
sid
20
type_literal
stream
size
3677
type
macro
name
_VBA_PROJECT_CUR/VBA/dfgfdg
sid
19
type_literal
stream
size
908
name
_VBA_PROJECT_CUR/VBA/dir
sid
28
type_literal
stream
size
1000
type
macro (only attributes)
name
_VBA_PROJECT_CUR/VBA/\u041b\u0438\u0441\u04421
sid
7
type_literal
stream
size
1000
type
macro (only attributes)
name
_VBA_PROJECT_CUR/VBA/\u041b\u0438\u0441\u04422
sid
8
type_literal
stream
size
1000
type
macro (only attributes)
name
_VBA_PROJECT_CUR/VBA/\u041b\u0438\u0441\u04423
sid
9
type_literal
stream
size
1595
type
macro
name
_VBA_PROJECT_CUR/VBA/\u042d\u0442\u0430\u041a\u043d\u0438\u0433\u0430
sid
4
Macros and VBA code streams
[+] Module1.bas _VBA_PROJECT_CUR/VBA/Module1 674 bytes
[+] dfgfdg.bas _VBA_PROJECT_CUR/VBA/dfgfdg 883 bytes
download environ run-dll run-file
ExifTool file metadata
MIMEType
application/vnd.ms-excel

CompObjUserTypeLen
28

CompObjUserType
???? Microsoft Office Excel

ModifyDate
2015:01:22 05:47:28

TitleOfParts
1, 2, 3

SharedDoc
No

Author
Microsoft Corporation

FileType
XLS

AppVersion
11.9999

LinksUpToDate
No

ScaleCrop
No

LastModifiedBy
1

HeadingPairs
, 3

FileTypeExtension
xls

HyperlinksChanged
No

CreateDate
1996:10:08 23:32:33

Security
None

CodePage
Windows Cyrillic

Software
Microsoft Excel

File identification
MD5 2fe17364f2e61b365ae024a9d3eaba8f
SHA1 66e53ccccf482f7191c3a6ed27aa84379e84e845
SHA256 2036453918e928f3a1931c5554c2e0167bd2fce399f76f090e4ba3bd2bedd72f
ssdeep
384:t8+LbfCJucMIaKpz6PMUO2mw4Iuw5Nk8h3WsE7GukfK06Q3u5ZGEpr7:++Lb6J0iwj/Nss1Ya8r7

File size 48.0 KB ( 49152 bytes )
File type MS Excel Spreadsheet
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1251, Author: Microsoft Corporation, Last Saved By: 1, Name of Creating Application: Microsoft Excel, Create Time/Date: Mon Oct 07 23:32:33 1996, Last Saved Time/Date: Wed Jan 21 05:47:28 2015, Security: 0

TrID Microsoft Excel sheet (78.9%)
Generic OLE2 / Multistream Compound File (21.0%)
Tags
run-file macros run-dll environ download xls

VirusTotal metadata
First submission 2015-02-25 08:15:18 UTC ( 2 years, 4 months ago )
Last submission 2016-09-02 19:15:53 UTC ( 9 months, 3 weeks ago )
File names logmein_pro_receipt.xls
99a9b44a3f0969f96fc342390166522f
CAR015 129011.xls
suspect.xls
a04a4bb1593b6ef8cfb7400f5f2eee99
logmein_pro_receipt.xls
d12fa654b54665cb3eab22466d95d970
9a15cf451e1dc494534f41e618aca812
VirusShare_2fe17364f2e61b365ae024a9d3eaba8f
4831cd4c4421d2ac36ec545650b08de5
fe06a2b51724e40dd1a4c69e7fa1bf30
e8cb56ab351a52afce92103f3e31a13d
MacroVirus.xls
f3642a1f9564aea9901aac4dd66192f5
d9f2bbef878bb966d2f314340aca41fe
5e0111b41953c75df208dbd6ffed920a
{5B7317DA-9A06-4227-8FBF-F8E8654EFAB8}-CAR015 129011.xls
7ad7149dbad17166726a4851145ad7ed
55d9cf6a29674fb2d18ca84c51cae744
17d96f5b59707a1f223d6e576e40ec5a
c63cbc1aeb67c65bd5f80a1f749482d5
CAR015 129011-4.xls
49ada24e82d9c8d1ab7260a8fe4e3123
deb823cd853d460144bb3e2ae7d1e800
b16f3dd4c489839a9357a65b090e69ff
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!