× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 757063078064634f8aed62cb66daca37578a8fb16b673168fd7bb89748efaedb
File name: Test_marx.doc
Detection ratio: 25 / 57
Analysis date: 2019-01-07 13:55:59 UTC ( 1 month, 2 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Exploit.RTF-ObfsObjDat.Gen 20190107
ALYac Exploit.RTF-ObfsObjDat.Gen 20190107
Antiy-AVL Trojan[Exploit]/RTF.Obscure.Gen 20190107
Arcabit Exploit.RTF-ObfsObjDat.Gen 20190107
Avast RTF:CVE-2012-0158-CA [Expl] 20190107
AVG RTF:CVE-2012-0158-CA [Expl] 20190107
Avira (no cloud) HEUR/Rtf.Malformed 20190107
BitDefender Exploit.RTF-ObfsObjDat.Gen 20190107
Cyren CVE-2017-11882.C.gen!Camelot 20190107
Emsisoft Exploit.RTF-ObfsObjDat.Gen (B) 20190107
ESET-NOD32 probably a variant of Win32/Exploit.CVE-2017-11882.E 20190107
F-Secure Exploit.RTF-ObfsObjDat.Gen 20190107
GData Exploit.RTF-ObfsObjDat.Gen 20190107
Kaspersky HEUR:Exploit.MSOffice.Generic 20190107
MAX malware (ai score=81) 20190107
McAfee Exploit-CVE2017-11882.o 20190107
McAfee-GW-Edition Exploit-CVE2017-11882.o 20190107
Microsoft Exploit:O97M/CVE-2017-11882.K 20190107
eScan Exploit.RTF-ObfsObjDat.Gen 20190107
NANO-Antivirus Exploit.Rtf.Heuristic-rtf.dinbqn 20190107
Qihoo-360 susp.rtf.objupdate.b 20190107
Symantec Exp.CVE-2017-11882!g3 20190107
TACHYON Trojan-Exploit/RTF.CVE-2017-11882 20190107
TrendMicro HEUR_RTFMALFORM 20190107
ZoneAlarm by Check Point HEUR:Exploit.MSOffice.Generic 20190107
Acronis 20181227
AegisLab 20190107
AhnLab-V3 20190107
Alibaba 20180921
Avast-Mobile 20190106
Babable 20180918
Baidu 20190107
Bkav 20190104
CAT-QuickHeal 20190107
ClamAV 20190107
CMC 20190106
Comodo 20190107
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
Cylance 20190107
DrWeb 20190107
eGambit 20190107
Endgame 20181108
F-Prot 20190107
Fortinet 20190107
Ikarus 20190106
Sophos ML 20181128
Jiangmin 20190107
K7AntiVirus 20190107
K7GW 20190107
Kingsoft 20190107
Malwarebytes 20190107
Palo Alto Networks (Known Signatures) 20190107
Panda 20190106
Rising 20190107
SentinelOne (Static ML) 20181223
Sophos AV 20190107
SUPERAntiSpyware 20190102
Tencent 20190107
TheHacker 20190106
Trapmine 20190103
TrendMicro-HouseCall 20190107
Trustlook 20190107
VBA32 20190104
ViRobot 20190107
Webroot 20190107
Yandex 20181229
Zillya 20190105
Zoner 20190107
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters
0
Embedded drawings
0
Rtf header
rtf
Read only protection
False
User protection
False
Default character set
ANSI (default)
Custom xml data properties
0
Dos stubs
0
Objects
OLE link
OLE embedded
Embedded pictures
0
Longest hex string
22
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

Warning
Unspecified RTF encoding. Will assume Latin

FileTypeExtension
rtf

File identification
MD5 0ef98e66d602670d004e6eaa986e9202
SHA1 cbcb6531dfd823a898bca79b6f136f2a4e00f807
SHA256 757063078064634f8aed62cb66daca37578a8fb16b673168fd7bb89748efaedb
ssdeep
384:QEdNE/uwi82Jiur0NGhbLpBKY3iqLnoVYX50tu2uvzj2D7F0uE:QtOJtINcKeLno+J0w2X+L

File size 59.3 KB ( 60743 bytes )
File type Rich Text Format
Magic literal
Rich Text Format data, unknown version

TrID Rich Text Format (100.0%)
Tags
ole-embedded rtf cve-2017-11882 cve-2012-0158 exploit ole-link

VirusTotal metadata
First submission 2019-01-07 13:53:55 UTC ( 1 month, 2 weeks ago )
Last submission 2019-01-07 13:53:55 UTC ( 1 month, 2 weeks ago )
File names PUTTYFILE.doc
Test_marx.doc
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

Warning
Unspecified RTF encoding. Will assume Latin

FileTypeExtension
rtf

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!