× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 54256045e4d66856110b83322cc4ddf96f53de25091555b65a7f77379fa78d4f
File name: zbetcheckin_tracker_11882.doc
Detection ratio: 32 / 58
Analysis date: 2019-01-04 18:01:43 UTC ( 3 months, 2 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Exploit.CVE-2017-11882.Gen 20190104
AhnLab-V3 OLE/Cve-2017-11882.Gen 20190104
ALYac Exploit.CVE-2017-11882.Gen 20190104
Arcabit Exploit.CVE-2017-11882.Gen 20190104
Avast Win32:ShellCode [Expl] 20190104
AVG Win32:ShellCode [Expl] 20190104
Avira (no cloud) EXP/CVE-2017-11882.Gen 20190104
BitDefender Exploit.CVE-2017-11882.Gen 20190104
ClamAV Rtf.Exploit.CVE_2017_11882-6584355-0 20190104
Cyren CVE-2017-11882.E.gen!Camelot 20190104
DrWeb Exploit.ShellCode.69 20190104
Emsisoft Exploit.CVE-2017-11882.Gen (B) 20190104
ESET-NOD32 probably a variant of Win32/Exploit.CVE-2017-11882.A 20190104
F-Secure Exploit:W97M/CVE-2017-0199.B 20190104
Fortinet MSOffice/CVE_2017_11882.BB!exploit 20190104
GData Exploit.CVE-2017-11882.Gen (2x) 20190104
Ikarus Exploit.CVE-2017-11882 20190104
Kaspersky HEUR:Exploit.MSOffice.Generic 20190104
MAX malware (ai score=83) 20190104
McAfee CVE2017-11882.bb!7991D8E3D99F 20190104
McAfee-GW-Edition CVE2017-11882.bb!7991D8E3D99F 20190104
Microsoft Exploit:O97M/CVE-2017-11882.L 20190104
eScan Exploit.CVE-2017-11882.Gen 20190104
NANO-Antivirus Exploit.Rtf.Heuristic-rtf.dinbqn 20190104
Qihoo-360 virus.exp.21711882.d 20190104
Rising Exploit.CVE-2017-11882!1.B40D (CLASSIC) 20190104
Sophos AV Troj/RtfExp-EQ 20190104
Symantec Exp.CVE-2017-11882!g3 20190104
TACHYON Trojan-Exploit/RTF.CVE-2017-11882 20190104
TrendMicro Trojan.W97M.CVE201711882.SMD 20190104
TrendMicro-HouseCall Trojan.W97M.CVE201711882.SMD 20190104
ZoneAlarm by Check Point HEUR:Exploit.RTF.Agent.gen 20190104
Acronis 20181227
AegisLab 20190104
Alibaba 20180921
Antiy-AVL 20190104
Avast-Mobile 20190104
Babable 20180918
Baidu 20190104
Bkav 20190104
CAT-QuickHeal 20190104
CMC 20190103
Comodo 20190104
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20190104
eGambit 20190104
Endgame 20181108
F-Prot 20190104
Sophos ML 20181128
Jiangmin 20190104
K7AntiVirus 20190104
K7GW 20190104
Kingsoft 20190104
Malwarebytes 20190104
Palo Alto Networks (Known Signatures) 20190104
Panda 20190104
SentinelOne (Static ML) 20181223
SUPERAntiSpyware 20190102
Tencent 20190104
TheHacker 20190104
TotalDefense 20190104
Trapmine 20190103
Trustlook 20190104
VBA32 20190104
VIPRE 20190104
ViRobot 20190104
Webroot 20190104
Yandex 20181229
Zillya 20190103
Zoner 20190104
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters
0
Embedded drawings
0
Rtf header
rtf
Read only protection
False
User protection
False
Default character set
ANSI (default)
Custom xml data properties
0
Dos stubs
0
Objects
OLE link
Embedded pictures
0
Longest hex string
8312
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

Warning
Unspecified RTF encoding. Will assume Latin

FileTypeExtension
rtf

File identification
MD5 825dca62da2bca1fea757d0a5ec529af
SHA1 2deb8b535c4982f52ccbe0fdbb64732134a0ef25
SHA256 54256045e4d66856110b83322cc4ddf96f53de25091555b65a7f77379fa78d4f
ssdeep
96:T6B2vCpL/s6hh6pdYB6Kz/6dUwnsBCklL5uh:WWCpL/LH/6dvsBCn

File size 8.2 KB ( 8376 bytes )
File type Rich Text Format
Magic literal
Rich Text Format data, unknown version

TrID Rich Text Format (100.0%)
Tags
rtf exploit ole-link cve-2017-11882 cve-2017-0199

VirusTotal metadata
First submission 2019-01-04 18:01:43 UTC ( 3 months, 2 weeks ago )
Last submission 2019-01-05 22:24:24 UTC ( 3 months, 2 weeks ago )
File names 11882.doc
54256045e4d66856110b83322cc4ddf96f53de25091555b65a7f77379fa78d4f.bin(0)
zbetcheckin_tracker_11882.doc
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

Warning
Unspecified RTF encoding. Will assume Latin

FileTypeExtension
rtf

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!