× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 3a7e7faf1103c1bbb618da0910321297eea4fd7012be3feaec239a4c58b22aec
File name: Payment Copy.doc
Detection ratio: 28 / 60
Analysis date: 2018-06-23 01:29:09 UTC ( 7 months, 4 weeks ago ) View latest
Antivirus Result Update
AhnLab-V3 RTF/Exploit 20180622
Antiy-AVL Trojan[Exploit]/RTF.Obscure.Gen 20180623
Arcabit Exploit.CVE-2017-11882.Gen 20180623
Avira (no cloud) EXP/CVE-2017-11882.Gen 20180622
Baidu Win32.Exploit.CVE-2017-11882.l 20180622
BitDefender Exploit.CVE-2017-11882.Gen 20180623
CAT-QuickHeal Exp.RTF.CVE-2017-11882.MB 20180622
Cyren Trojan.CAHW-73 20180623
DrWeb Exploit.Siggen.5834 20180623
Emsisoft Exploit.CVE-2017-11882.Gen (B) 20180623
F-Secure Exploit.CVE-2017-11882.Gen 20180622
GData Exploit.CVE-2017-11882.Gen 20180623
Ikarus Exploit.CVE-2017-11882 20180622
Jiangmin heur:Exploit.ShellCode.Gen 20180623
Kaspersky HEUR:Exploit.MSOffice.Generic 20180623
MAX malware (ai score=81) 20180623
McAfee Exploit-CVE2017-11882.s 20180623
McAfee-GW-Edition Exploit-CVE2017-11882.s 20180623
Microsoft Trojan:Script/Cloxer.A!cl 20180622
NANO-Antivirus Exploit.Rtf.Heuristic-rtf.dinbqn 20180623
Qihoo-360 virus.exp.21711882.d 20180623
Sophos AV Exp/201711882-L 20180623
Symantec Trojan.Mdropper 20180622
TACHYON Suspicious/RTF.Obfus.Gen 20180623
Tencent Office.Exploit.Generic.Hvju 20180623
TrendMicro HEUR_RTFMALFORM 20180623
ZoneAlarm by Check Point HEUR:Exploit.MSOffice.Generic 20180623
Zoner Probably RTFBadSpacing 20180622
Ad-Aware 20180623
AegisLab 20180622
Alibaba 20180622
ALYac 20180623
Avast 20180623
Avast-Mobile 20180622
AVG 20180623
AVware 20180622
Babable 20180406
Bkav 20180622
ClamAV 20180623
CMC 20180622
Comodo 20180623
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cylance 20180623
eGambit 20180623
Endgame 20180612
ESET-NOD32 20180623
F-Prot 20180623
Fortinet 20180623
Sophos ML 20180601
K7AntiVirus 20180622
K7GW 20180623
Kingsoft 20180623
Malwarebytes 20180623
eScan 20180623
Palo Alto Networks (Known Signatures) 20180623
Panda 20180622
Rising 20180623
SentinelOne (Static ML) 20180618
SUPERAntiSpyware 20180622
Symantec Mobile Insight 20180619
TheHacker 20180622
TotalDefense 20180622
TrendMicro-HouseCall 20180623
Trustlook 20180623
VBA32 20180622
VIPRE 20180623
ViRobot 20180622
Webroot 20180623
Yandex 20180622
Zillya 20180622
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters
0
Embedded drawings
0
Rtf header
rtf
Read only protection
False
User protection
False
Default character set
ANSI (default)
Custom xml data properties
0
Dos stubs
0
Objects
Hypertext Markup Language (HTML) control
Embedded pictures
0
Longest hex string
9095
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

Warning
Unspecified RTF encoding. Will assume Latin

FileTypeExtension
rtf

File identification
MD5 2afa4fefb32f264331c9bc01d03a4ef6
SHA1 6b327de22903cdfc7886665e38e4fc895e406fed
SHA256 3a7e7faf1103c1bbb618da0910321297eea4fd7012be3feaec239a4c58b22aec
ssdeep
1536:TfZ5fylGIYfZyEYWV5/JjHTVa1iG1tbbazBqtzJxLd7COxrZ31tv2DeMw/7yHKzB:T36TYfZST3M4

File size 74.7 KB ( 76472 bytes )
File type Rich Text Format
Magic literal
Rich Text Format data, unknown version

TrID Rich Text Format (100.0%)
Tags
exploit rtf html-control cve-2017-11882 attachment

VirusTotal metadata
First submission 2018-06-23 01:29:09 UTC ( 7 months, 4 weeks ago )
Last submission 2018-06-23 01:29:09 UTC ( 7 months, 4 weeks ago )
File names Payment Copy.doc
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

Warning
Unspecified RTF encoding. Will assume Latin

FileTypeExtension
rtf

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!