× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 25aa11d9eafc0860a44d1e581c9f35224fbd410dd5d1b74fef7921c92f665574
File name: Autophil Zone Sales Corporation PO#10281.xlsx
Detection ratio: 15 / 61
Analysis date: 2018-09-19 01:41:08 UTC ( 6 months ago ) View latest
Antivirus Result Update
Avast Win32:ShellCode [Expl] 20180919
AVG Win32:ShellCode [Expl] 20180919
Avira (no cloud) EXP/CVE-2017-11882.Gen 20180919
DrWeb W97M.DownLoader.2938 20180918
ESET-NOD32 probably a variant of Win32/Exploit.CVE-2017-11882.A 20180919
Fortinet MSOffice/CVE_2017_11882.A!exploit 20180919
Ikarus Exploit.CVE-2017-11882 20180918
Kaspersky HEUR:Exploit.MSOffice.Generic 20180918
Rising Exploit.CVE-2017-11882!1.B40D (CLASSIC) 20180919
SentinelOne (Static ML) static engine - malicious 20180830
Sophos AV Exp/20180802-B 20180919
Symantec Exp.CVE-2017-11882!g2 20180918
TrendMicro TROJ_CV.8E6945C6 20180919
TrendMicro-HouseCall TROJ_CV.8E6945C6 20180919
ZoneAlarm by Check Point HEUR:Exploit.MSOffice.Generic 20180919
Ad-Aware 20180917
AegisLab 20180918
AhnLab-V3 20180918
Alibaba 20180713
ALYac 20180919
Antiy-AVL 20180918
Arcabit 20180919
Avast-Mobile 20180918
AVware 20180918
Babable 20180918
Baidu 20180914
BitDefender 20180918
Bkav 20180918
CAT-QuickHeal 20180918
ClamAV 20180919
CMC 20180918
Comodo 20180919
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180919
Cyren 20180919
eGambit 20180919
Emsisoft 20180918
Endgame 20180730
F-Prot 20180919
F-Secure 20180919
GData 20180919
Sophos ML 20180717
Jiangmin 20180919
K7AntiVirus 20180918
K7GW 20180918
Kingsoft 20180919
Malwarebytes 20180918
MAX 20180919
McAfee 20180919
McAfee-GW-Edition 20180919
Microsoft 20180918
eScan 20180919
NANO-Antivirus 20180919
Palo Alto Networks (Known Signatures) 20180919
Panda 20180918
Qihoo-360 20180919
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20180918
TACHYON 20180919
Tencent 20180919
TheHacker 20180918
TotalDefense 20180918
Trustlook 20180919
VBA32 20180918
VIPRE 20180919
ViRobot 20180918
Webroot 20180919
Yandex 20180917
Zillya 20180918
Zoner 20180918
The file being studied follows the Open XML file format! More specifically, it is a Office Open XML Spreadsheet file.
Content types
bin
rels
vml
xml
Package relationships
docProps/app.xml
docProps/core.xml
xl/workbook.xml
Core document properties
dcterms:created
2006-09-16T00:00:00Z
dcterms:modified
2018-09-14T02:07:45Z
Application document properties
Application
Microsoft Excel
DocSecurity
0
ScaleCrop
false
vt:lpstr
Worksheets
vt:i4
3
vt:lpstr
Sheet1
vt:lpstr
Sheet2
vt:lpstr
Sheet3
LinksUpToDate
false
SharedDoc
false
HyperlinksChanged
false
AppVersion
14.0300
Workbook properties
lowestEdited
4
calcPr
122211
rupBuild
9303
lastEdited
5
sheets
3
Character codifications
Codification
Prevalence
Basic Latin
40
ExifTool file metadata
SharedDoc
No

HyperlinksChanged
No

TitlesOfParts
Sheet1, Sheet2, Sheet3

LinksUpToDate
No

HeadingPairs
Worksheets, 3

ZipFileName
[Content_Types].xml

CreateDate
2006:09:16 00:00:00Z

ZipRequiredVersion
20

ModifyDate
2018:09:14 02:07:45Z

ZipCRC
0xf03d41ea

ZipBitFlag
0x0002

ScaleCrop
No

MIMEType
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

FileType
XLSX

AppVersion
14.03

ZipUncompressedSize
1777

ZipCompressedSize
397

DocSecurity
None

ZipModifyDate
2018:09:19 03:06:28

Application
Microsoft Excel

ZipCompression
Deflated

FileTypeExtension
xlsx

The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
16
Uncompressed size
22119
Highest datetime
2018-09-19 03:06:28
Lowest datetime
2018-09-19 03:06:28
Contained files by extension
xml
10
bin
2
vml
1
Contained files by type
XML
13
unknown
2
Microsoft Office
1
File identification
MD5 cd5decfb81b4bd0b3436d77f81dad23f
SHA1 67da5ce8c5420e8f5cac66debcbab743720cb1ab
SHA256 25aa11d9eafc0860a44d1e581c9f35224fbd410dd5d1b74fef7921c92f665574
ssdeep
192:kazr1xZpAtV0zO62tUzhfuYaSEfj0SN9WvWa/EljLdFcaqg06f1no+:kqr1x/0Sh2tINzGfGua/EB7carNo+

File size 10.1 KB ( 10304 bytes )
File type Office Open XML Spreadsheet
Magic literal
Zip archive data, at least v2.0 to extract

TrID Excel Microsoft Office Open XML Format document (60.1%)
Open Packaging Conventions container (30.9%)
ZIP compressed archive (7.0%)
PrintFox/Pagefox bitmap (var. P) (1.7%)
Tags
xlsx exploit cve-2017-11882 cve-2017-1182

VirusTotal metadata
First submission 2018-09-19 01:41:08 UTC ( 6 months ago )
Last submission 2018-09-29 08:04:40 UTC ( 5 months, 2 weeks ago )
File names Autophil Zone Sales Corporation PO#10281.xlsx
Autophil Zone Sales Corporation PO
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!