× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 782d541e6e3daa80053ecd4eb5fe5ea5319aee6c1d6f00ac0acc7f8dc4bc0a83
File name: Rechnung_Nr_06555_382958293333.doc
Detection ratio: 18 / 57
Analysis date: 2019-02-07 08:06:29 UTC ( 1 month, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware VB.EmoDldr.4.Gen 20190206
Avast Script:SNH-gen [Trj] 20190206
AVG Script:SNH-gen [Trj] 20190206
BitDefender VB.EmoDldr.4.Gen 20190206
Fortinet VBA/Agent.AFD!tr.dldr 20190206
GData VB.EmoDldr.4.Gen 20190206
Ikarus Trojan.VBA.Agent 20190206
K7AntiVirus Trojan ( 005464381 ) 20190206
K7GW Trojan ( 005464381 ) 20190206
MAX malware (ai score=73) 20190207
McAfee W97M/Downloader.cqc 20190206
McAfee-GW-Edition W97M/Downloader.cqc 20190206
NANO-Antivirus Trojan.Ole2.Vbs-heuristic.druvzi 20190206
Symantec ISB.Downloader!gen80 20190206
TACHYON Suspicious/XML.Obfus.Gen.6 20190206
Tencent Heur.Macro.Generic.Gen.f 20190207
TrendMicro HEUR_VBA.O.ELBP 20190206
Zoner Probably MacroXML 20190206
Acronis 20190130
AegisLab 20190206
AhnLab-V3 20190206
Alibaba 20180921
ALYac 20190206
Antiy-AVL 20190206
Arcabit 20190206
Avast-Mobile 20190206
Avira (no cloud) 20190206
Babable 20180917
Baidu 20190201
Bkav 20190201
CAT-QuickHeal 20190206
ClamAV 20190206
CMC 20190206
Comodo 20190206
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190207
Cyren 20190206
DrWeb 20190206
eGambit 20190207
Emsisoft 20190206
Endgame 20181108
ESET-NOD32 20190206
F-Prot 20190206
F-Secure 20190206
Sophos ML 20181128
Jiangmin 20190206
Kaspersky 20190206
Kingsoft 20190207
Malwarebytes 20190206
Microsoft 20190206
eScan 20190206
Palo Alto Networks (Known Signatures) 20190207
Panda 20190206
Qihoo-360 20190207
Rising 20190206
SentinelOne (Static ML) 20190203
Sophos AV 20190206
SUPERAntiSpyware 20190206
TheHacker 20190203
TotalDefense 20190206
Trapmine 20190123
TrendMicro-HouseCall 20190206
Trustlook 20190207
VBA32 20190206
ViRobot 20190206
Webroot 20190207
Yandex 20190206
Zillya 20190206
ZoneAlarm by Check Point 20190206
File identification
MD5 41b039167e4b47f4010bebf932437bfa
SHA1 0f51a0c661cfd41dbea1df02f3ffc8e57a88b4f4
SHA256 782d541e6e3daa80053ecd4eb5fe5ea5319aee6c1d6f00ac0acc7f8dc4bc0a83
ssdeep
3072:KxLcHQpK2R7Lp94jxA6z9XPpjL/xSu90OoiLuDKZXfwKeljR1y:r/29H49A6zphxUOmD+XfwL2

File size 259.3 KB ( 265565 bytes )
File type XML
Magic literal
XML document text

TrID file seems to be plain text/ASCII (0.0%)
Tags
xml

VirusTotal metadata
First submission 2019-02-07 07:41:32 UTC ( 1 month, 1 week ago )
Last submission 2019-02-07 15:41:11 UTC ( 1 month, 1 week ago )
File names 2417640426561961.doc
Dokumente_298886996.doc
KKK8495881895815281078.doc
BURJ69679050034146642_2019.doc
Informationen_63419402900.doc
PAY498960681833041.doc
98212515737354419.doc
8481236094354731_2019.doc
LG1780415863802207209.doc
UYE21645719827356756192.doc
Rechnung_Nr_06555_382958293333.doc
HGQR4361692839_2019.doc
emotet_e2_782d541e6e3daa80053ecd4eb5fe5ea5319aee6c1d6f00ac0acc7f8dc4bc0a83_2019-02-07__080002.doc
655779249781554_2019.doc
9197404547183650909.doc
ExifTool file metadata
WordDocumentFontsFontPitchVal
variable

WordDocumentBodySectPRPictShapeType
#_x0000_t75

WordDocumentBodySectPRPictShapeStyle
width:468pt;height:349.5pt;visibility:visible;mso-wrap-style:square

WordDocumentDocumentPropertiesCharacters
7

WordDocumentBodySectSectPrPgMarBottom
1440

WordDocumentStylesStyleNameVal
Normal

WordDocumentStylesStyleRPrLangBidi
AR-SA

WordDocumentBodySectPRPictShapetypeId
_x0000_t75

MIMEType
application/xml

WordDocumentStylesStyleTblPrTblCellMarTopType
dxa

WordDocumentBodySectPRPictShapeSpid
_x0000_i1025

WordDocumentStylesStyleRsidVal
005A24B1

WordDocumentBodySectPRPictShapetypePathConnecttype
rect

WordDocumentBodySectSectPrPgMarRight
1440

WordDocumentShapeDefaultsShapelayoutIdmapExt
edit

WordDocumentBodySectPRPictShapetypePathExtrusionok
f

WordDocumentShapeDefaultsShapedefaultsExt
edit

WordDocumentBodySectPRPictShapeId
Picture 1

WordDocumentStylesStyleTblPrTblCellMarRightType
dxa

WordDocumentFontsFontName
Times New Roman

WordDocumentBodySectPRPictShapetypeFormulasFEqn
if lineDrawn pixelLineWidth 0

WordDocumentStylesStyleTblPrTblCellMarTopW
0

WordDocumentFontsDefaultFontsCs
Times New Roman

WordDocumentBodySectPRPictShapetypeLockAspectratio
t

WordDocumentStylesStylePPrSpacingLine
259

WordDocumentDocSuppDataBinDataName
Jz4HWBO

WordDocumentDocPrZoomPercent
100

WordDocumentBodySectSectPrPgSzH
15840

WordDocumentFontsDefaultFontsAscii
Calibri

WordDocumentStylesStyleStyleId
Normal

WordDocumentBodySectSectPrPgSzW
12240

WordDocumentBodySectPRPictShapetypePreferrelative
t

WordDocumentStylesStylePPrSpacingAfter
160

WordDocumentOcxPresent
no

WordDocumentStylesStyleTblPrTblIndType
dxa

WordDocumentDocPrRsidsRsidRootVal
005E6EE1

WordDocumentDocumentPropertiesLastSaved
2019:02:07 07:19:00Z

WordDocumentBodySectPRPictShapetypeLockExt
edit

WordDocumentBodySectSectPrPgMarLeft
1440

WordDocumentBodySectSectPrColsSpace
720

FileType
XML

WordDocumentDocumentPropertiesPages
1

WordDocumentStylesLatentStylesLsdExceptionName
Normal

WordDocumentStylesStyleTblPrTblCellMarRightW
108

WordDocumentDocPrDefaultTabStopVal
720

WordDocumentDocumentPropertiesRevision
1

WordDocumentBodySectSectPrPgMarFooter
720

WordDocumentDocumentPropertiesTotalTime
0

WordDocumentBodySectSectPrPgMarTop
1440

WordDocumentStylesStyleUiNameVal
Table Normal

WordDocumentBodySectSectPrPgMarHeader
720

WordDocumentDocumentPropertiesParagraphs
1

WordDocumentBodySectPRRsidRPr
00283855

WordDocumentBodySectPRsidR
00021211

WordDocumentBodySectPRPictShapetypeStroked
f

WordDocumentBodySectPRPictShapetypeCoordsize
21600,21600

WordDocumentDocPrCharacterSpacingControlVal
DontCompress

WordDocumentEmbeddedObjPresent
no

WordDocumentStylesStyleRPrRFontsAscii
Tahoma

WordDocumentStylesVersionOfBuiltInStylenamesVal
7

WordDocumentIgnoreSubtreeVal
http://schemas.microsoft.com/office/word/2003/wordml/sp2

WordDocumentBodySectPRPictBinData
(Binary data 145376 bytes, use -b option to extract)

WordDocumentStylesStyleTblPrTblCellMarBottomType
dxa

WordDocumentFontsFontCharsetVal
00

WordDocumentDocumentPropertiesLines
1

WordDocumentStylesStyleTblPrTblCellMarBottomW
0

WordDocumentStylesLatentStylesDefLockedState
off

WordDocumentDocPrRsidsRsidVal
00021211

WordDocumentBodySectPRPictShapetypeFilled
f

WordDocumentBodySectPRPictShapeImagedataSrc
wordml://YOKiwRd80Yhw

WordDocumentBodySectPRPictShapetypeStrokeJoinstyle
miter

WordDocumentDocumentPropertiesCharactersWithSpaces
7

WordDocumentStylesStyleLinkVal
BalloonTextChar

WordDocumentStylesLatentStylesLatentStyleCount
375

WordDocumentDocPrAlwaysShowPlaceholderTextVal
off

WordDocumentBodySectPRPictShapetypePath
m@4@5l@4@11@9@11@9@5xe

WordDocumentDocumentPropertiesCreated
2019:02:07 07:19:00Z

WordDocumentStylesStyleRPrRFontsCs
Tahoma

WordDocumentBodySectSectPrPgMarGutter
0

WordDocumentDocPrViewVal
print

WordDocumentBodySectPRsidRDefault
00021211

WordDocumentDocSuppDataBinData
(Binary data 85190 bytes, use -b option to extract)

WordDocumentStylesStyleTblPrTblCellMarLeftW
108

WordDocumentMacrosPresent
yes

WordDocumentFontsFontFamilyVal
Roman

WordDocumentStylesStyleRPrLangVal
EN-US

WordDocumentDocumentPropertiesWords
1

WordDocumentStylesStyleTblPrTblIndW
0

WordDocumentFontsDefaultFontsFareast
Calibri

WordDocumentStylesStyleRPrSzVal
22

FileTypeExtension
xml

WordDocumentShapeDefaultsShapelayoutExt
edit

WordDocumentBodySectPRPictShapetypePathGradientshapeok
t

WordDocumentStylesStyleRPrLangFareast
EN-US

WordDocumentShapeDefaultsShapedefaultsSpidmax
1026

WordDocumentStylesStyleBasedOnVal
Normal

WordDocumentBodySectPRPictBinDataName
wordml://YOKiwRd80Yhw

WordDocumentBodySectSectPrRsidR
005E6EE1

WordDocumentDocPrPixelsPerInchVal
120

WordDocumentDocPrIgnoreMixedContentVal
off

WordDocumentBodySectPRPictShapetypeSpt
75

WordDocumentStylesStyleRPrFontVal
Calibri

WordDocumentStylesStyleTblPrTblCellMarLeftType
dxa

WordDocumentDocPrSaveInvalidXMLVal
off

WordDocumentDocumentPropertiesVersion
16

WordDocumentStylesStyleDefault
on

WordDocumentShapeDefaultsShapelayoutIdmapData
1

WordDocumentStylesStyleType
paragraph

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!