SHA256: 4dd1866e4bedd4fb7005c8d5a3bf6f395030b40a75bb2afabfd5153658d16a24
Detection ratio: 16 / 59
Analysis date: 2018-04-03 13:44:39 UTC ( 1 year ago )
Antivirus Result Update
AegisLab Exploit.Msoffice.Cve!c 20180403
CAT-QuickHeal Exp.RTF.CVE-2017-11882.AF 20180403
DrWeb Trojan.Trick.45194 20180403
Fortinet W32/Kryptik.GCVH!tr 20180403
Ikarus Win32.SuspectCrc 20180403
Kaspersky HEUR:Exploit.MSOffice.CVE-2017-8570.a 20180403
NANO-Antivirus Exploit.Rtf.Heuristic-rtf.dinbqn 20180403
nProtect Suspicious/RTF.Agent.Gen 20180403
Qihoo-360 virus.exp.21711882.c 20180403
Rising Exploit.CVE-2017-8570!1.AFC6 (CLASSIC) 20180403
Sophos AV Mal/Generic-S 20180403
Symantec ML.Attribute.HighConfidence 20180403
TrendMicro BAT_LOKI.LKM 20180403
TrendMicro-HouseCall BAT_LOKI.LKM 20180403
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180403
Zoner Probably RTFBadHeader 20180403
Ad-Aware 20180403
AhnLab-V3 20180403
Alibaba 20180403
ALYac 20180403
Antiy-AVL 20180403
Arcabit 20180403
Avast 20180403
Avast-Mobile 20180403
AVG 20180403
Avira (no cloud) 20180403
AVware 20180403
Baidu 20180403
BitDefender 20180403
Bkav 20180403
ClamAV 20180403
CMC 20180403
Comodo 20180403
CrowdStrike Falcon (ML) 20170201
Cybereason None
Cyren 20180403
eGambit 20180403
Emsisoft 20180403
Endgame 20180403
ESET-NOD32 20180403
F-Prot 20180403
F-Secure 20180403
GData 20180403
Sophos ML 20180121
Jiangmin 20180403
K7AntiVirus 20180403
K7GW 20180403
Kingsoft 20180403
Malwarebytes 20180403
MAX 20180403
McAfee 20180403
McAfee-GW-Edition 20180403
Microsoft 20180403
eScan 20180403
Palo Alto Networks (Known Signatures) 20180403
Panda 20180403
SentinelOne (Static ML) 20180225
SUPERAntiSpyware 20180403
Symantec Mobile Insight 20180401
Tencent 20180403
TheHacker 20180330
Trustlook 20180403
VBA32 20180403
VIPRE 20180403
ViRobot 20180403
WhiteArmor 20180324
Yandex 20180403
Zillya 20180402
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters: 1515
Embedded drawings: 0
Rtf header: rt
Read only protection: False
User protection: False
Default character set: ANSI (default)
Custom xml data properties: 0
Dos stubs: 0
Objects:
Hypertext Markup Language (HTML) control (ShockwaveFlash.ShockwaveFlash.23)
Hypertext Markup Language (HTML) control (ShockwaveFlash.ShockwaveFlash.23)
Hypertext Markup Language (HTML) control (ShockwaveFlash.ShockwaveFlash.23)
Hypertext Markup Language (HTML) control (ShockwaveFlash.ShockwaveFlash.23)
Hypertext Markup Language (HTML) control (ShockwaveFlash.ShockwaveFlash.23)
Hypertext Markup Language (HTML) control (ShockwaveFlash.ShockwaveFlash.23)
Hypertext Markup Language (HTML) control (ShockwaveFlash.ShockwaveFlash.23)
OLE embedded (ShockwaveFlash.ShockwaveFlash.23)
OLE control (ShockwaveFlash.ShockwaveFlash.23)
Embedded pictures: 1
Longest hex string: 206196
File identification
MD5 c545884cf6e9990e3e60cf198a215532
SHA1 5e0ab852faa11109241364a6c3633d245d8ecb5c
SHA256 4dd1866e4bedd4fb7005c8d5a3bf6f395030b40a75bb2afabfd5153658d16a24
ssdeep 6144:/V2wBM3ZchWk/MkGIurZxTBSZuVidUF5MXuHI:N+WhWEyIurZnSZu+UvOuo

File size 370.8 KB ( 379679 bytes )
File type Rich Text Format
Magic literal ASCII text, with very long lines

TrID Poser pose (100.0%)
Tags
ole-embedded rtf cve-2017-11882 ole-control cve-2017-8570 exploit html-control cve-2018-0802

VirusTotal metadata
First submission 2018-04-03 13:08:57 UTC ( 1 year ago )
Last submission 2018-08-07 06:59:43 UTC ( 8 months, 2 weeks ago )
File names sage_invoice93484324.doc