× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 25c8e5f21a10421d564a2cf0cff8cfca3b352c1e89d4ad00337d4bfa88fecf66
File name: extra_0.bin
Detection ratio: 29 / 60
Analysis date: 2018-04-16 09:54:07 UTC ( 1 year ago ) View latest
Antivirus Result Update
Ad-Aware Exploit.RTF-ObfsStrm.Gen 20180416
Antiy-AVL Trojan[Exploit]/OLE.CVE-2017-11882 20180416
Arcabit Exploit.RTF-ObfsStrm.Gen 20180416
Avira (no cloud) EXP/CVE-2017-11882.Gen 20180416
Baidu Win32.Exploit.CVE-2017-11882.b 20180416
BitDefender Exploit.RTF-ObfsStrm.Gen 20180416
CAT-QuickHeal Exp.RTF.CVE-2017-11882.G 20180416
Emsisoft Exploit.RTF-ObfsStrm.Gen (B) 20180416
ESET-NOD32 probably a variant of Win32/Exploit.CVE-2017-11882.A 20180416
F-Secure Exploit:W97M/CVE-2017-0199.B 20180416
Fortinet MSOffice/CVE_2017_11882.A!exploit 20180416
GData Generic.Exploit.CVE-2017-11882.A 20180416
Ikarus Exploit.CVE-2017-11882 20180416
Jiangmin Heur:Exploit.CVE-2017-11882.Gen 20180416
K7AntiVirus Trojan ( 0051f3601 ) 20180416
K7GW Trojan ( 0051f3601 ) 20180416
Kaspersky HEUR:Exploit.MSOffice.Generic 20180416
MAX malware (ai score=95) 20180416
McAfee Exploit-CVE2017-11882.k 20180416
McAfee-GW-Edition Exploit-CVE2017-11882.k 20180416
eScan Exploit.RTF-ObfsStrm.Gen 20180416
NANO-Antivirus Exploit.OleNative.CVE-2017-11882.evenbv 20180416
Qihoo-360 virus.exp.21711882.gen 20180416
Sophos AV Exp/201711882-F 20180416
Symantec Exp.CVE-2017-11882 20180416
Tencent Office.Exploit.Generic.Llgs 20180416
TrendMicro TROJ_CVE201711882.SM 20180416
TrendMicro-HouseCall TROJ_CVE201711882.SM 20180416
ZoneAlarm by Check Point HEUR:Exploit.Win32.CVE-2017-11882.a 20180416
AegisLab 20180416
AhnLab-V3 20180416
Alibaba 20180416
ALYac 20180416
Avast 20180416
Avast-Mobile 20180416
AVG 20180416
AVware 20180416
Bkav 20180410
ClamAV 20180416
CMC 20180415
Comodo 20180416
CrowdStrike Falcon (ML) 20170201
Cybereason None
Cylance 20180416
Cyren 20180416
DrWeb 20180416
eGambit 20180416
Endgame 20180403
F-Prot 20180416
Sophos ML 20180121
Kingsoft 20180416
Malwarebytes 20180416
Microsoft 20180416
nProtect 20180416
Palo Alto Networks (Known Signatures) 20180416
Panda 20180415
Rising 20180416
SentinelOne (Static ML) 20180225
SUPERAntiSpyware 20180416
Symantec Mobile Insight 20180412
TheHacker 20180415
TotalDefense 20180416
Trustlook 20180416
VBA32 20180414
VIPRE 20180416
ViRobot 20180416
Webroot 20180416
WhiteArmor 20180408
Yandex 20180414
Zillya 20180413
Zoner 20180416
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters
0
Embedded drawings
20
Rtf header
rtf1
Default ansi codepage
Western European
Generator
Riched20 6.3.9600
Read only protection
False
User protection
False
Default character set
ANSI
Custom xml data properties
0
Dos stubs
0
Objects
OLE embedded (Equation.3)
Embedded pictures
1
Longest hex string
5189
Default languages
English - United States
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

FileTypeExtension
rtf

File identification
MD5 aa0207c5adf260fe9b81e477777a8d82
SHA1 0b9bfe100a0c302602bf2989e924c58b6a403852
SHA256 25c8e5f21a10421d564a2cf0cff8cfca3b352c1e89d4ad00337d4bfa88fecf66
ssdeep
96:Mf7txtf6sUG5VoWx2TLAncyRFVSk3soxDDYEYufNLmay4hjM1NB:cPtSsUGZxGIJVSzi4aZMNB

File size 10.6 KB ( 10814 bytes )
File type Rich Text Format
Magic literal
Rich Text Format data, version 1, ANSI

TrID Rich Text Format (100.0%)
Tags
ole-embedded exploit rtf cve-2017-11882 cve-2017-0199

VirusTotal metadata
First submission 2018-04-16 09:54:07 UTC ( 1 year ago )
Last submission 2018-05-11 17:03:15 UTC ( 11 months, 2 weeks ago )
File names extra_0.bin
6ebf6ff8bfaf5c7d5fca515fdbe7e7181245108b
output.113110575.txt
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

FileTypeExtension
rtf

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!