× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5c297b2969d14528b0e0947b1756e2e9c4bc7594bbbe1319f9eb38ca0f11144e
File name: 5c297b2969d14528b0e0947b1756e2e9c4bc7594bbbe1319f9eb38ca0f11144e
Detection ratio: 13 / 60
Analysis date: 2018-09-24 23:06:45 UTC ( 5 months, 3 weeks ago ) View latest
Antivirus Result Update
Avast Win32:ShellCode [Expl] 20180924
AVG Win32:ShellCode [Expl] 20180924
Cyren CVE-2017-11882.D.gen!Camelot 20180924
DrWeb W97M.DownLoader.2938 20180924
Fortinet MSOffice/CVE_2017_11882.A!exploit 20180924
Ikarus Exploit.CVE-2017-11882 20180924
McAfee CVE2017-11882.bb!EFA02B344E08 20180924
Rising Exploit.CVE-2017-11882!1.B40D (CLASSIC) 20180924
SentinelOne (Static ML) static engine - malicious 20180830
Sophos AV Exp/20180802-B 20180924
Symantec Exp.CVE-2017-11882!g2 20180924
TrendMicro TROJ_CV.8E6945C6 20180924
TrendMicro-HouseCall TROJ_CV.8E6945C6 20180924
Ad-Aware 20180924
AegisLab 20180924
AhnLab-V3 20180924
Alibaba 20180921
ALYac 20180924
Antiy-AVL 20180924
Arcabit 20180924
Avast-Mobile 20180924
Avira (no cloud) 20180924
AVware 20180924
Babable 20180918
Baidu 20180914
BitDefender 20180924
Bkav 20180924
CAT-QuickHeal 20180923
ClamAV 20180924
CMC 20180924
Comodo 20180924
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180925
eGambit 20180925
Emsisoft 20180924
Endgame 20180730
ESET-NOD32 20180924
F-Prot 20180924
F-Secure 20180924
GData 20180924
Sophos ML 20180717
Jiangmin 20180924
K7AntiVirus 20180924
K7GW 20180924
Kaspersky 20180924
Kingsoft 20180925
Malwarebytes 20180924
MAX 20180925
McAfee-GW-Edition 20180924
eScan 20180924
NANO-Antivirus 20180924
Palo Alto Networks (Known Signatures) 20180925
Panda 20180924
Qihoo-360 20180925
SUPERAntiSpyware 20180907
Symantec Mobile Insight 20180924
TACHYON 20180924
Tencent 20180925
TheHacker 20180924
TotalDefense 20180924
Trustlook 20180925
VBA32 20180924
VIPRE 20180924
ViRobot 20180924
Webroot 20180925
Yandex 20180924
Zillya 20180924
ZoneAlarm by Check Point 20180924
Zoner 20180924
The file being studied follows the Open XML file format! More specifically, it is a Office Open XML Spreadsheet file.
Content types
rels
xml
vml
bin
Package relationships
docProps/app.xml
docProps/core.xml
xl/workbook.xml
Core document properties
dcterms:created
2006-09-16T00:00:00Z
dcterms:modified
2018-09-18T23:52:30Z
Application document properties
Application
Microsoft Excel
DocSecurity
0
ScaleCrop
false
vt:lpstr
Worksheets
vt:i4
3
vt:lpstr
Sheet1
vt:lpstr
Sheet2
vt:lpstr
Sheet3
LinksUpToDate
false
SharedDoc
false
HyperlinksChanged
false
AppVersion
14.0300
Workbook properties
lowestEdited
4
calcPr
122211
rupBuild
9303
lastEdited
5
sheets
3
Character codifications
Codification
Prevalence
Basic Latin
9
ExifTool file metadata
SharedDoc
No

HyperlinksChanged
No

TitlesOfParts
Sheet1, Sheet2, Sheet3

LinksUpToDate
No

HeadingPairs
Worksheets, 3

ZipFileName
[Content_Types].xml

CreateDate
2006:09:16 00:00:00Z

ZipRequiredVersion
20

ModifyDate
2018:09:18 23:52:30Z

ZipCRC
0xb8d5b71e

ZipBitFlag
0x0002

ScaleCrop
No

MIMEType
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

FileType
XLSX

AppVersion
14.03

ZipUncompressedSize
1777

ZipCompressedSize
398

DocSecurity
None

ZipModifyDate
2018:09:24 23:50:36

Application
Microsoft Excel

ZipCompression
Deflated

FileTypeExtension
xlsx

The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
15
Uncompressed size
21654
Highest datetime
2018-09-24 23:50:36
Lowest datetime
2018-09-24 23:50:36
Contained files by extension
xml
10
bin
1
vml
1
Contained files by type
XML
13
unknown
1
Microsoft Office
1
File identification
MD5 4ae95b637f1997ecb72c1b887e1ad150
SHA1 6392c4ad2383cac055085fed3ea21d1d706dafe5
SHA256 5c297b2969d14528b0e0947b1756e2e9c4bc7594bbbe1319f9eb38ca0f11144e
ssdeep
192:gx81M2pYtV0zO6GxewU4SfjWS9kxSug46TtWL1:gx81MuMShGE7f/mSuWWL1

File size 9.8 KB ( 10026 bytes )
File type Office Open XML Spreadsheet
Magic literal
Zip archive data, at least v2.0 to extract

TrID Excel Microsoft Office Open XML Format document (60.1%)
Open Packaging Conventions container (30.9%)
ZIP compressed archive (7.0%)
PrintFox/Pagefox bitmap (var. P) (1.7%)
Tags
xlsx exploit cve-2017-11882 cve-2018-0802 cve-2017-1182

VirusTotal metadata
First submission 2018-09-24 23:06:45 UTC ( 5 months, 3 weeks ago )
Last submission 2018-10-02 07:32:24 UTC ( 5 months, 2 weeks ago )
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!