SHA256: 3a5f35fceebf1626dbd11f81bf20656061ab0d1fa100a3fd0aae77edfa859cd5
File name: advice_263251_20171107.doc
Detection ratio: 39 / 55
Analysis date: 2019-02-25 10:23:48 UTC ( 3 weeks, 5 days ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.12544091 20190225
AhnLab-V3 LNK/Downloader 20190225
Antiy-AVL Trojan[Exploit]/LNK.CVE-2017-8464 20190225
Arcabit Trojan.Generic.DBF685B 20190225
Avast Other:Malware-gen [Trj] 20190225
AVG Other:Malware-gen [Trj] 20190225
Avira (no cloud) TR/LNK.PSH.Downloader.Gen 20190225
BitDefender Trojan.GenericKD.12544091 20190225
CAT-QuickHeal Trojan.LNK.3807 20190224
ClamAV Img.Dropper.PhishingLure-6362648-0 20190225
Cyren LNK/Powershell.CT!Camelot 20190225
DrWeb PowerShell.DownLoader.457 20190225
Emsisoft Trojan.GenericKD.12544091 (B) 20190225
ESET-NOD32 VBA/TrojanDownloader.Agent.FBW 20190225
F-Secure Trojan.TR/LNK.PSH.Downloader.Gen 20190225
Fortinet LNK/Agent.EDF!tr.dldr 20190225
GData Trojan.GenericKD.12544091 20190225
Ikarus Trojan-Downloader.LNK.Agent 20190225
Jiangmin Trojan.WinLNK.Agent.c 20190225
K7AntiVirus Trojan ( 0051ac931 ) 20190225
K7GW Trojan ( 0051ac931 ) 20190225
Kaspersky Trojan.Multi.GenAutorunLnkFile.a 20190225
MAX malware (ai score=99) 20190225
McAfee RDN/Generic Downloader.x 20190225
McAfee-GW-Edition RDN/Generic Downloader.x 20190225
Microsoft TrojanDownloader:PowerShell/Ploprolo.K 20190225
eScan Trojan.GenericKD.12544091 20190225
NANO-Antivirus Trojan.OleNative.Generic.euwjfv 20190225
Qihoo-360 Win32/Trojan.e26 20190225
Rising Downloader.PowerShell/LNK!1.AE98 (CLASSIC) 20190225
SentinelOne (Static ML) static engine - malicious 20190203
Sophos AV Mal/DownLnk-D 20190225
Symantec Trojan.Mdropper 20190225
TACHYON Suspicious/WOX.NS.Gen 20190225
Tencent Win32.Trojan-downloader.Agent.Dxcj 20190225
VBA32 Trojan-Downloader.WinLNK.Agent.ep 20190225
ViRobot DOC.S.Agent.129991 20190225
ZoneAlarm by Check Point Trojan.Multi.GenAutorunLnkFile.a 20190225
Zoner Probably LNKScript 20190225
Acronis 20190222
AegisLab 20190225
Alibaba 20180921
ALYac 20190225
Avast-Mobile 20190225
Babable 20180918
Baidu 20190215
CMC 20190225
Comodo 20190225
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190225
eGambit 20190225
Endgame 20190215
Sophos ML 20181128
Kingsoft 20190225
Malwarebytes 20190225
Palo Alto Networks (Known Signatures) 20190225
Panda 20190224
SUPERAntiSpyware 20190220
Symantec Mobile Insight 20190220
TheHacker 20190225
TotalDefense 20190225
Trapmine 20190123
Trustlook 20190225
Webroot 20190225
Yandex 20190222
The file being studied follows the Open XML file format! More specifically, it is an Office Open XML Document file.
Content types
bin
rels
emf
png
xml
Package relationships
word/document.xml
docProps/app.xml
docProps/core.xml
Core document properties
dc:creator
alex
cp:lastModifiedBy
1
cp:revision
2
dcterms:created
2017-11-06T15:13:00Z
dcterms:modified
2017-11-06T15:13:00Z
Application document properties
Template
Normal.dotm
TotalTime
0
Pages
1
Words
3
Characters
19
Application
Microsoft Office Word
DocSecurity
0
Lines
1
Paragraphs
1
ScaleCrop
false
vt:lpstr
Название
vt:i4
1
LinksUpToDate
false
CharactersWithSpaces
21
SharedDoc
false
HyperlinksChanged
false
AppVersion
16.0000
Document languages
Language
Prevalence
ru-ru
3
en-us
1
ar-sa
1
ExifTool file metadata
SharedDoc
No

HyperlinksChanged
No

LinksUpToDate
No

LastModifiedBy
1

HeadingPairs
, 1

ZipFileName
[Content_Types].xml

Template
Normal.dotm

ZipRequiredVersion
20

ModifyDate
2017:11:06 15:13:00Z

ZipCRC
0x41738c02

Words
3

ScaleCrop
No

RevisionNumber
2

MIMEType
application/vnd.openxmlformats-officedocument.wordprocessingml.document

ZipBitFlag
0x0006

CreateDate
2017:11:06 15:13:00Z

Lines
1

AppVersion
16.0

ZipUncompressedSize
1510

ZipCompressedSize
380

Characters
19

CharactersWithSpaces
21

DocSecurity
None

ZipModifyDate
1980:01:01 00:00:00

FileType
DOCX

Application
Microsoft Office Word

TotalEditTime
0

ZipCompression
Deflated

Pages
1

Creator
alex

FileTypeExtension
docx

Paragraphs
1

The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
14
Uncompressed size
175026
Highest datetime
1980-01-01 00:00:00
Lowest datetime
1980-01-01 00:00:00
Contained files by extension
xml
9
bin
1
emf
1
png
1
Contained files by type
XML
11
unknown
1
Microsoft Office
1
PNG
1
File identification
MD5 804156021313adfee00e9406f8de1031
SHA1 d39e97a9ff6dceb4e8430036f43fb187b8a80003
SHA256 3a5f35fceebf1626dbd11f81bf20656061ab0d1fa100a3fd0aae77edfa859cd5
ssdeep
3072:zPgvkTRDtieqb3YLk5Qj+ybcQGJoRDYk+HilDYnb:jiy4dbIZ+8cQlRpKih2

File size 126.9 KB ( 129991 bytes )
File type Office Open XML Document
Magic literal
Zip archive data, at least v2.0 to extract

TrID Word Microsoft Office Open XML Format document (51.0%)
Open Packaging Conventions container (38.0%)
ZIP compressed archive (8.6%)
PrintFox/Pagefox bitmap (var. P) (2.1%)
Tags
docx cve-2017-8464 attachment exploit

VirusTotal metadata
First submission 2017-11-06 16:45:07 UTC ( 1 year, 4 months ago )
Last submission 2018-12-18 02:33:50 UTC ( 3 months ago )
File names advice_596472_20171106.doc
advice_263251_20171107.doc
advice_505040_20171107.doc
advice_038712_20171106.doc
advice_229506_20171107.doc
advice_771343_20171107.doc
advice_653176_20171106.doc
advice_154713_20171107.doc
advice_148122_20171107.doc
advice_493794_20171106_66521814871584090651JavaMaildw04007d.doc
POP3-740d85c4_15f4dcfe52e_-774a.doc
804156021313adfee00e9406f8de1031
advice_911249_20171106.doc
804156021313adfee00e9406f8de1031.doc
advice_652346_20171106.doc
advice_018551_20171107.doc
advice_480471_20171107.doc
advice_227834_20171107.doc
advice_685789_20171106.doc
advice_035283_20171106.doc
advice_228111_20171107.doc
advice_709613_20171107.doc
advice_732764_20171107.doc
advice_414976_20171106.doc
advice_877942_20171106.doc