× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 33d5726aa9d5cba707698fe73cf7595a5e84dec8b625d1e42b07600a6b89db3e
File name: EDU.doc
Detection ratio: 30 / 57
Analysis date: 2018-11-24 15:59:41 UTC ( 4 months, 4 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Exploit.RTF-ObfsStrm.Gen 20181124
AhnLab-V3 RTF/Malform-A.Gen 20181124
Antiy-AVL Trojan[Exploit]/RTF.Obscure.Gen 20181124
Arcabit Exploit.RTF-ObfsStrm.Gen 20181124
Avast RTF:Obfuscated-gen [Trj] 20181124
AVG RTF:Obfuscated-gen [Trj] 20181124
Avira (no cloud) EXP/CVE-2017-11882.Gen 20181124
BitDefender Exploit.RTF-ObfsStrm.Gen 20181124
Cyren CVE-2017-11882.E.gen!Camelot 20181124
DrWeb Exploit.ShellCode.69 20181124
Emsisoft Exploit.RTF-ObfsStrm.Gen (B) 20181124
ESET-NOD32 probably a variant of Win32/Exploit.CVE-2017-11882.A 20181124
F-Secure Exploit.RTF-ObfsStrm.Gen 20181124
Fortinet MSOffice/CVE_2017_11882.BB!exploit 20181124
GData Exploit.RTF-ObfsStrm.Gen 20181124
Ikarus Exploit.CVE-2017-11882 20181124
Kaspersky HEUR:Exploit.MSOffice.Generic 20181124
MAX malware (ai score=86) 20181124
McAfee Exploit-CVE2017-11882.o 20181124
McAfee-GW-Edition Exploit-CVE2017-11882.o 20181124
Microsoft Exploit:O97M/CVE-2017-11882.L 20181124
eScan Exploit.RTF-ObfsStrm.Gen 20181124
NANO-Antivirus Exploit.Rtf.Heuristic-rtf.dinbqn 20181124
Qihoo-360 virus.exp.21711882 20181124
Rising Exploit.CVE-2017-11882!1.B40D (CLASSIC) 20181124
Sophos AV Troj/RtfExp-EQ 20181124
Symantec Exp.CVE-2017-11882!g2 20181123
TACHYON Trojan-Exploit/RTF.CVE-2017-11882 20181124
ZoneAlarm by Check Point HEUR:Exploit.MSOffice.Generic 20181124
Zoner Probably RTFBadVersion 20181124
AegisLab 20181124
Alibaba 20180921
ALYac 20181124
Avast-Mobile 20181124
Babable 20180918
Baidu 20181123
Bkav 20181123
CAT-QuickHeal 20181124
ClamAV 20181124
CMC 20181124
Comodo 20181124
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181124
eGambit 20181124
Endgame 20181108
F-Prot 20181124
Sophos ML 20181108
Jiangmin 20181124
K7AntiVirus 20181124
K7GW 20181124
Kingsoft 20181124
Malwarebytes 20181124
Palo Alto Networks (Known Signatures) 20181124
Panda 20181124
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181121
Symantec Mobile Insight 20181121
Tencent 20181124
TheHacker 20181118
Trapmine 20180918
TrendMicro 20181124
TrendMicro-HouseCall 20181124
Trustlook 20181124
VBA32 20181123
VIPRE 20181124
ViRobot 20181124
Webroot 20181124
Yandex 20181123
Zillya 20181123
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters
521
Embedded drawings
0
Rtf header
rtf|1?%(7&
Read only protection
False
User protection
False
Default character set
ANSI (default)
Custom xml data properties
0
Dos stubs
0
Objects
Hypertext Markup Language (HTML) control
Embedded pictures
0
Longest hex string
28
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

Warning
Unspecified RTF encoding. Will assume Latin

FileTypeExtension
rtf

File identification
MD5 2070a78af1cd35f6dd51e50cca95ae21
SHA1 9062b66c3e321bbb0da2f4f1b4e938df7bcd7410
SHA256 33d5726aa9d5cba707698fe73cf7595a5e84dec8b625d1e42b07600a6b89db3e
ssdeep
3072:UIaAOpQllluQGHN9RPA9cIbIyXu7IK3CX:UItIMMHN9RP8cOIyOm

File size 452.4 KB ( 463268 bytes )
File type Rich Text Format
Magic literal
Rich Text Format data, unknown version

TrID Rich Text Format (100.0%)
Tags
rtf exploit html-control cve-2017-11882

VirusTotal metadata
First submission 2018-11-24 15:59:41 UTC ( 4 months, 4 weeks ago )
Last submission 2018-11-24 15:59:41 UTC ( 4 months, 4 weeks ago )
File names EDU.doc
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

Warning
Unspecified RTF encoding. Will assume Latin

FileTypeExtension
rtf

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!