× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 6cf027a6a99b1dd12ed7d7f1e3784aac7b21370fea4a0fcd44fc6b48a591a43d
File name: zbetcheckin_tracker_burn.doc
Detection ratio: 32 / 57
Analysis date: 2019-01-04 18:02:18 UTC ( 3 months, 2 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Exploit.CVE-2017-11882.Gen 20190104
AhnLab-V3 OLE/Cve-2017-11882.Gen 20190104
ALYac Exploit.CVE-2017-11882.Gen 20190104
Arcabit Exploit.CVE-2017-11882.Gen 20190104
Avast Win32:ShellCode [Expl] 20190104
AVG Win32:ShellCode [Expl] 20190104
Avira (no cloud) EXP/CVE-2017-11882.Gen 20190104
BitDefender Exploit.CVE-2017-11882.Gen 20190104
ClamAV Rtf.Exploit.CVE_2017_11882-6584355-0 20190104
Cyren CVE-2017-11882.E.gen!Camelot 20190104
DrWeb Exploit.ShellCode.69 20190104
Emsisoft Exploit.CVE-2017-11882.Gen (B) 20190104
ESET-NOD32 probably a variant of Win32/Exploit.CVE-2017-11882.A 20190104
F-Secure Exploit:W97M/CVE-2017-0199.B 20190104
Fortinet MSOffice/CVE_2017_11882.BB!exploit 20190104
GData Exploit.CVE-2017-11882.Gen (2x) 20190104
Ikarus Exploit.CVE-2017-11882 20190104
Kaspersky HEUR:Exploit.MSOffice.Generic 20190104
MAX malware (ai score=84) 20190104
McAfee CVE2017-11882.bb!05B6597AFE49 20190104
McAfee-GW-Edition CVE2017-11882.bb!05B6597AFE49 20190104
Microsoft Exploit:O97M/CVE-2017-11882.L 20190104
eScan Exploit.CVE-2017-11882.Gen 20190104
NANO-Antivirus Exploit.Rtf.Heuristic-rtf.dinbqn 20190104
Qihoo-360 virus.exp.21711882.d 20190104
Rising Exploit.CVE-2017-11882!1.B40D (CLASSIC) 20190104
Sophos AV Troj/RtfExp-EQ 20190104
Symantec Exp.CVE-2017-11882!g3 20190104
TACHYON Trojan-Exploit/RTF.CVE-2017-11882 20190104
TrendMicro Trojan.W97M.CVE201711882.SMD 20190104
TrendMicro-HouseCall Trojan.W97M.CVE201711882.SMD 20190104
ZoneAlarm by Check Point HEUR:Exploit.RTF.Agent.gen 20190104
Acronis 20181227
AegisLab 20190104
Alibaba 20180921
Antiy-AVL 20190104
Avast-Mobile 20190104
Babable 20180918
Baidu 20190104
Bkav 20190104
CAT-QuickHeal 20190104
CMC 20190103
Comodo 20190104
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20190104
eGambit 20190104
Endgame 20181108
F-Prot 20190104
Sophos ML 20181128
Jiangmin 20190104
K7AntiVirus 20190104
K7GW 20190104
Kingsoft 20190104
Malwarebytes 20190104
Palo Alto Networks (Known Signatures) 20190104
Panda 20190104
SentinelOne (Static ML) 20181223
SUPERAntiSpyware 20190102
Tencent 20190104
TheHacker 20190104
TotalDefense 20190104
Trapmine 20190103
Trustlook 20190104
VBA32 20190104
ViRobot 20190104
Webroot 20190104
Yandex 20181229
Zillya 20190103
Zoner 20190104
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters
0
Embedded drawings
0
Rtf header
rtf
Read only protection
False
User protection
False
Default character set
ANSI (default)
Custom xml data properties
0
Dos stubs
0
Objects
OLE control
Embedded pictures
0
Longest hex string
7286
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

Warning
Unspecified RTF encoding. Will assume Latin

FileTypeExtension
rtf

File identification
MD5 ba6c2fd4bc341a96dda43527d5295ca6
SHA1 acea804b1a4108be7e189fa4abff8275e565083e
SHA256 6cf027a6a99b1dd12ed7d7f1e3784aac7b21370fea4a0fcd44fc6b48a591a43d
ssdeep
96:Ffs3yvrp0vodHhW3X+gw70c9Rp57ojeoLDK4MDVVAYX:Qyrp08hZl70yUjeyKjVVAI

File size 7.2 KB ( 7349 bytes )
File type Rich Text Format
Magic literal
Rich Text Format data, unknown version

TrID Rich Text Format (100.0%)
Tags
ole-control exploit rtf cve-2017-11882

VirusTotal metadata
First submission 2019-01-04 18:02:18 UTC ( 3 months, 2 weeks ago )
Last submission 2019-01-05 22:08:12 UTC ( 3 months, 2 weeks ago )
File names burn.doc
6cf027a6a99b1dd12ed7d7f1e3784aac7b21370fea4a0fcd44fc6b48a591a43d.bin(0)
zbetcheckin_tracker_burn.doc
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

Warning
Unspecified RTF encoding. Will assume Latin

FileTypeExtension
rtf

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!