× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 46bb448bd849212c1df99cae15984b669dc19cf16fb6ccb28b211a3d21b50f1d
File name: 106776a1a0f1f15e17c06c23cbfe550e
Detection ratio: 10 / 61
Analysis date: 2017-10-24 10:28:10 UTC ( 1 year, 4 months ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.Downloader.DDE.Gen 20171024
Arcabit Trojan.Downloader.DDE.Gen 20171024
BitDefender Trojan.Downloader.DDE.Gen 20171024
ClamAV Doc.Exploit.DDEautoexec-6348842-0 20171024
Emsisoft Trojan.Downloader.DDE.Gen (B) 20171024
F-Secure Trojan.Downloader.DDE.Gen 20171024
GData Trojan.Downloader.DDE.Gen 20171024
MAX malware (ai score=89) 20171024
eScan Trojan.Downloader.DDE.Gen 20171024
Rising Exploit.MS-Office.DDE!1.ADFB (CLASSIC) 20171024
AegisLab 20171024
AhnLab-V3 20171023
Alibaba 20170911
ALYac 20171024
Antiy-AVL 20171024
Avast 20171024
Avast-Mobile 20171024
AVG 20171024
Avira (no cloud) 20171024
AVware 20171024
Baidu 20171024
Bkav 20171023
CAT-QuickHeal 20171020
CMC 20171023
Comodo 20171024
CrowdStrike Falcon (ML) 20171016
Cylance 20171024
Cyren 20171024
DrWeb 20171024
eGambit 20171024
Endgame 20171016
ESET-NOD32 20171024
F-Prot 20171024
Fortinet 20171024
Ikarus 20171024
Sophos ML 20170914
Jiangmin 20171024
K7AntiVirus 20171024
K7GW 20171024
Kaspersky 20171024
Kingsoft 20171024
Malwarebytes 20171024
McAfee 20171024
McAfee-GW-Edition 20171024
Microsoft 20171024
NANO-Antivirus 20171024
nProtect 20171024
Palo Alto Networks (Known Signatures) 20171024
Panda 20171023
Qihoo-360 20171024
SentinelOne (Static ML) 20171019
Sophos AV 20171024
SUPERAntiSpyware 20171024
Symantec 20171024
Symantec Mobile Insight 20171011
Tencent 20171024
TheHacker 20171024
TotalDefense 20171023
TrendMicro 20171024
TrendMicro-HouseCall 20171024
Trustlook 20171024
VBA32 20171024
VIPRE 20171024
ViRobot 20171024
Webroot 20171024
WhiteArmor 20171016
Yandex 20171023
Zillya 20171023
ZoneAlarm by Check Point 20171024
Zoner 20171024
The file being studied follows the Open XML file format! More specifically, it is a Office Open XML Document file.
Content types
rels
xml
Package relationships
word/document.xml
docProps/app.xml
docProps/core.xml
Core document properties
dc:creator
1
cp:lastModifiedBy
1
cp:revision
145
dcterms:created
2017-10-18T12:30:00Z
dcterms:modified
2017-10-24T09:38:00Z
Application document properties
Template
Normal.dotm
TotalTime
520
Pages
4
Words
45
Characters
259
Application
Microsoft Office Word
DocSecurity
0
Lines
2
Paragraphs
1
ScaleCrop
false
vt:lpstr
\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435
vt:i4
1
LinksUpToDate
false
CharactersWithSpaces
303
SharedDoc
false
HyperlinksChanged
false
AppVersion
16.0000
Document languages
Language
Prevalence
ru-ru
3
en-us
2
ar-sa
1
ExifTool file metadata
SharedDoc
No

HyperlinksChanged
No

LinksUpToDate
No

LastModifiedBy
1

HeadingPairs
, 1

ZipFileName
[Content_Types].xml

Template
Normal.dotm

ZipRequiredVersion
20

ModifyDate
2017:10:24 09:38:00Z

ZipCRC
0x6cd2a4df

Words
45

ScaleCrop
No

RevisionNumber
145

MIMEType
application/vnd.openxmlformats-officedocument.wordprocessingml.document

ZipBitFlag
0x0006

CreateDate
2017:10:18 12:30:00Z

Lines
2

AppVersion
16.0

ZipUncompressedSize
1312

ZipCompressedSize
346

Characters
259

CharactersWithSpaces
303

DocSecurity
None

ZipModifyDate
1980:01:01 00:00:00

FileType
DOCX

Application
Microsoft Office Word

TotalEditTime
8.7 hours

ZipCompression
Deflated

Pages
4

Creator
1

FileTypeExtension
docx

Paragraphs
1

The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
11
Uncompressed size
73311
Highest datetime
1980-01-01 00:00:00
Lowest datetime
1980-01-01 00:00:00
Contained files by extension
xml
9
Contained files by type
XML
11
File identification
MD5 106776a1a0f1f15e17c06c23cbfe550e
SHA1 8ef3d9d5d9395365da893e9260ee65a3978344de
SHA256 46bb448bd849212c1df99cae15984b669dc19cf16fb6ccb28b211a3d21b50f1d
ssdeep
384:aNru3gCFerWiKKrQmwR6CYrx1CC/tDGDnE/UTtKZMGb:eSiKSQmwR69F1Vt2n3TtQ

File size 18.3 KB ( 18759 bytes )
File type Office Open XML Document
Magic literal
Zip archive data, at least v2.0 to extract

TrID Word Microsoft Office Open XML Format document (51.0%)
Open Packaging Conventions container (38.0%)
ZIP compressed archive (8.6%)
PrintFox/Pagefox bitmap (var. P) (2.1%)
Tags
docx attachment

VirusTotal metadata
First submission 2017-10-24 10:28:10 UTC ( 1 year, 4 months ago )
Last submission 2019-01-04 23:40:56 UTC ( 2 months, 2 weeks ago )
File names Invoice_file_957299.doc
Invoice_file_550370.doc
Invoice_file_73513.doc
Invoice_file_631762.doc
106776a1a0f1f15e17c06c23cbfe550e.doc
106776a1a0f1f15e17c06c23cbfe550ee0366e42_Trojan-Downloader.MSWord.Agent.bqm
Invoice_file_332527.doc
Invoice_file_328300.doc
Invoice_file_38724.doc
Invoice_file_36457.doc
Invoice_file_554231.doc
Invoice_file_68533.doc
Invoice_file_211783.doc
Invoice_file_96633.doc
Invoice_file_548315.doc
Invoice_file_81041.doc
Invoice_file_12076.doc
Invoice_file_034740.doc
malware.malware
Invoice_file_86252.doc
Invoice_file_14785.doc
Invoice_file_426550.doc
Invoice_file_30952.doc
Invoice_file_24137.doc
Invoice_file_673154.doc
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!