× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 63fd0d0110380a8cad9d5a10fb2c7351436a7fcbe50d663193b33fc65632e77d
File name: Remittance-Advice.doc
Detection ratio: 6 / 60
Analysis date: 2018-09-13 02:16:43 UTC ( 6 months, 1 week ago ) View latest
Antivirus Result Update
Antiy-AVL Trojan[Exploit]/OLE.CVE-2014-6352 20180913
ESET-NOD32 a variant of Win32/GenKryptik.CJSF 20180913
GData Macro.Trojan-Dropper.Agent.AJB@susp 20180913
Rising Malware.Heuristic!ET#86% (RDM+:cmRtazoloQEtc78DN0MFtEnJJpn9) 20180913
SentinelOne (Static ML) static engine - malicious 20180830
TACHYON Suspicious/WOX.NS.Gen 20180912
Ad-Aware 20180912
AegisLab 20180912
AhnLab-V3 20180912
Alibaba 20180713
ALYac 20180913
Arcabit 20180913
Avast 20180913
Avast-Mobile 20180912
AVG 20180913
Avira (no cloud) 20180912
AVware 20180913
Babable 20180907
Baidu 20180912
BitDefender 20180913
Bkav 20180912
CAT-QuickHeal 20180912
ClamAV 20180912
CMC 20180912
Comodo 20180912
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
Cylance 20180913
Cyren 20180913
DrWeb 20180913
eGambit 20180913
Emsisoft 20180913
Endgame 20180730
F-Prot 20180913
F-Secure 20180912
Fortinet 20180913
Ikarus 20180912
Sophos ML 20180717
Jiangmin 20180912
K7AntiVirus 20180912
K7GW 20180912
Kaspersky 20180912
Kingsoft 20180913
Malwarebytes 20180912
MAX 20180913
McAfee 20180912
McAfee-GW-Edition 20180912
Microsoft 20180912
eScan 20180913
NANO-Antivirus 20180912
Palo Alto Networks (Known Signatures) 20180913
Panda 20180912
Qihoo-360 20180913
Sophos AV 20180912
SUPERAntiSpyware 20180907
Symantec 20180912
Symantec Mobile Insight 20180911
Tencent 20180913
TheHacker 20180907
TrendMicro 20180913
TrendMicro-HouseCall 20180913
Trustlook 20180913
VBA32 20180912
VIPRE 20180913
ViRobot 20180912
Webroot 20180913
Yandex 20180912
Zillya 20180912
ZoneAlarm by Check Point 20180913
Zoner 20180912
The file being studied follows the Open XML file format! More specifically, it is a Office Open XML Document file.
Content types
bin
rels
emf
png
xml
Package relationships
word/document.xml
docProps/app.xml
docProps/core.xml
Core document properties
dc:creator
ADMIN
cp:lastModifiedBy
ADMIN
cp:revision
2
dcterms:created
2018-09-12T17:29:00Z
dcterms:modified
2018-09-12T17:43:00Z
Application document properties
Template
Normal
TotalTime
3
Pages
1
Words
0
Characters
2
Application
Microsoft Office Word
DocSecurity
0
Lines
1
Paragraphs
1
ScaleCrop
false
LinksUpToDate
false
CharactersWithSpaces
2
SharedDoc
false
HyperlinksChanged
false
AppVersion
15.0000
Document languages
Language
Prevalence
en-us
2
ar-sa
1
ExifTool file metadata
SharedDoc
No

HyperlinksChanged
No

LinksUpToDate
No

LastModifiedBy
ADMIN

Application
Microsoft Office Word

ZipFileName
[Content_Types].xml

Template
Normal

ZipRequiredVersion
20

ModifyDate
2018:09:12 17:43:00Z

ZipCRC
0x1fcfe670

Words
0

ScaleCrop
No

RevisionNumber
2

MIMEType
application/vnd.openxmlformats-officedocument.wordprocessingml.document

ZipBitFlag
0x0006

CreateDate
2018:09:12 17:29:00Z

Lines
1

AppVersion
15.0

ZipUncompressedSize
1510

ZipCompressedSize
380

Characters
2

CharactersWithSpaces
2

DocSecurity
None

ZipModifyDate
1980:01:01 00:00:00

FileType
DOCX

Creator
ADMIN

TotalEditTime
3 minutes

ZipCompression
Deflated

Pages
1

FileTypeExtension
docx

Paragraphs
1

The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
14
Uncompressed size
4248014
Highest datetime
1980-01-01 00:00:00
Lowest datetime
1980-01-01 00:00:00
Contained files by extension
xml
9
bin
1
emf
1
png
1
Contained files by type
XML
11
unknown
1
Microsoft Office
1
PNG
1
File identification
MD5 8ec96090f3d8797f5d6589a034ed126f
SHA1 5bd16f53ffb73f6b2d7b3530d81a662cd6e21fee
SHA256 63fd0d0110380a8cad9d5a10fb2c7351436a7fcbe50d663193b33fc65632e77d
ssdeep
49152:1dbvo5v7hhlO9slOpZBOWHDWQnZWjIxBE8AKnh3YzkeuJbDz4/NeePSZW:Xbvo5TJysEnpSQnZWGEdKnuIhbo1Dqs

File size 2.1 MB ( 2158859 bytes )
File type Office Open XML Document
Magic literal
Zip archive data, at least v2.0 to extract

TrID Word Microsoft Office Open XML Format document (51.0%)
Open Packaging Conventions container (38.0%)
ZIP compressed archive (8.6%)
PrintFox/Pagefox bitmap (var. P) (2.1%)
Tags
cve-2014-6352 docx exploit

VirusTotal metadata
First submission 2018-09-13 02:16:43 UTC ( 6 months, 1 week ago )
Last submission 2018-09-13 02:16:43 UTC ( 6 months, 1 week ago )
File names Remittance-Advice.doc
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!