SHA256: 3dd21625b94206567cdc038ca9d95c0d3cd2f99f1663ec93368898ac932dadd4
Detection ratio: 23 / 60
Analysis date: 2018-04-16 05:55:42 UTC (1 year ago)
Antivirus Result Update
Ad-Aware Trojan.GenericKD.30614308 20180416
AegisLab Exploit.Cve.Gen!c 20180416
AhnLab-V3 XML/Dloader.S1 20180416
Arcabit Trojan.Generic.D1D32324 20180416
Baidu Win32.Trojan-Downloader.Agent.kl 20180416
BitDefender Trojan.GenericKD.30614308 20180416
Cyren ZIP/Trojan.DAZQ-9 20180416
Emsisoft Trojan.GenericKD.30614308 (B) 20180416
ESET-NOD32 a variant of Generik.CLRMOFD 20180416
F-Secure Exploit.CVE-2017-0199.Gen 20180416
Fortinet MSOffice/TrojanDownloader.DG!tr 20180416
GData Trojan.GenericKD.30614308 20180416
Ikarus Exploit.CVE-2017-0199 20180415
MAX malware (ai score=96) 20180416
Microsoft Exploit:O97M/CVE-2017-0199.A 20180416
eScan Trojan.GenericKD.30614308 20180416
NANO-Antivirus Exploit.Xml.CVE-2017-0199.equmby 20180416
Qihoo-360 susp.exp.20170199 20180416
Symantec W97M.Downloader 20180415
TrendMicro TROJ_RELSLOADR.OE 20180416
TrendMicro-HouseCall TROJ_RELSLOADR.OE 20180416
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180416
Zoner Probably W97OleLink 20180415
Alibaba 20180416
ALYac 20180416
Antiy-AVL 20180416
Avast 20180416
Avast-Mobile 20180415
AVG 20180416
Avira (no cloud) 20180415
AVware 20180416
Bkav 20180410
CAT-QuickHeal 20180415
ClamAV 20180416
CMC 20180415
Comodo 20180416
CrowdStrike Falcon (ML) 20170201
Cybereason None
Cylance 20180416
DrWeb 20180416
eGambit 20180416
Endgame 20180403
F-Prot 20180416
Sophos ML 20180121
Jiangmin 20180416
K7AntiVirus 20180416
K7GW 20180416
Kaspersky 20180416
Kingsoft 20180416
Malwarebytes 20180416
McAfee 20180416
McAfee-GW-Edition 20180416
nProtect 20180416
Palo Alto Networks (Known Signatures) 20180416
Panda 20180415
Rising 20180416
SentinelOne (Static ML) 20180225
Sophos AV 20180416
SUPERAntiSpyware 20180416
Symantec Mobile Insight 20180412
Tencent 20180416
TheHacker 20180415
Trustlook 20180416
VBA32 20180414
VIPRE 20180416
ViRobot 20180416
Webroot 20180416
WhiteArmor 20180408
Yandex 20180414
Zillya 20180413
The file being studied follows the Open XML file format! More specifically, it is an Office Open XML Document file.
Content types: rels, xml, emf
Package relationships:
word/document.xml
docProps/app.xml
docProps/core.xml
http://mashhadani.com/z/a.Doc
Core document properties
dc:creator: Gold
cp:lastModifiedBy: Gold
cp:revision: 2
dcterms:created: 2018-04-14T09:37:00Z
dcterms:modified: 2018-04-14T09:37:00Z
Application document properties
Template: Normal
TotalTime: 0
Pages: 1
Words: 10
Characters: 63
Application: Microsoft Office Word
DocSecurity: 0
Lines: 1
Paragraphs: 1
ScaleCrop: false
LinksUpToDate: false
CharactersWithSpaces: 72
SharedDoc: false
HyperlinksChanged: false
AppVersion: 12.0000
Document languages (Language: Prevalence)
en-us: 2
ar-sa: 1
ExifTool file metadata
SharedDoc: No
HyperlinksChanged: No
LinksUpToDate: No
LastModifiedBy: Gold
Application: Microsoft Office Word
ZipFileName: [Content_Types].xml
Template: Normal
ZipRequiredVersion: 20
ModifyDate: 2018:04:14 09:37:00Z
ZipCRC: 0x7768f315
Words: 10
ScaleCrop: No
RevisionNumber: 2
MIMEType: application/vnd.openxmlformats-officedocument.wordprocessingml.document
ZipBitFlag: 0x0006
CreateDate: 2018:04:14 09:37:00Z
Lines: 1
AppVersion: 12.0
ZipUncompressedSize: 1364
ZipCompressedSize: 371
Characters: 63
CharactersWithSpaces: 72
DocSecurity: None
ZipModifyDate: 1980:01:01 00:00:00
FileType: DOCX
Creator: Gold
TotalEditTime: 0
ZipCompression: Deflated
Pages: 1
FileTypeExtension: docx
Paragraphs: 1

The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files: 12
Uncompressed size: 34430
Highest datetime: 1980-01-01 00:00:00
Lowest datetime: 1980-01-01 00:00:00
Contained files by extension
xml: 9
emf: 1
Contained files by type
XML: 11
unknown: 1
File identification
MD5 b76da0916c8df42544a34e319840b37c
SHA1 8df69ead5e9d2a5013cbe7d6b689235f8b67e710
SHA256 3dd21625b94206567cdc038ca9d95c0d3cd2f99f1663ec93368898ac932dadd4
ssdeep 192:+9mnsX8ywKL7nS1ep80sN5bv/0Rblz4UmoPMkeltw1nLFr3NHZJz:xssyLzS1epcHabDmIM81n93BZJz
File size 11.5 KB ( 11827 bytes )
File type Office Open XML Document
Magic literal Zip archive data, at least v2.0 to extract
TrID Word Microsoft Office Open XML Format document (51.0%)
Open Packaging Conventions container (38.0%)
ZIP compressed archive (8.6%)
PrintFox/Pagefox bitmap (var. P) (2.1%)
Tags cve-2017-8759 docx attachment cve-2017-0199 exploit

VirusTotal metadata
First submission 2018-04-14 10:25:59 UTC ( 1 year ago )
Last submission 2018-04-17 02:20:42 UTC ( 1 year ago )
File names PO 315 MJr 4a medical 19 02 2018 65 GHFS.docx