× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 90e555a92c839cd28488db23846e4b0e89c4d81f84d96c6cf27a9acbfb5ebbf2
File name: tricky1.docx
Detection ratio: 1 / 54
Analysis date: 2016-01-16 15:26:39 UTC ( 3 years, 2 months ago ) View latest
Antivirus Result Update
Microsoft Exploit:Win32/Hatesiwuf.gen!A 20160116
Ad-Aware 20160116
AegisLab 20160116
Yandex 20160116
AhnLab-V3 20160116
Alibaba 20160115
ALYac 20160116
Antiy-AVL 20160116
Arcabit 20160116
Avast 20160116
AVG 20160116
Avira (no cloud) 20160116
AVware 20160111
Baidu-International 20160116
BitDefender 20160116
Bkav 20160116
ByteHero 20160116
CAT-QuickHeal 20160116
ClamAV 20160116
CMC 20160111
Comodo 20160116
Cyren 20160116
DrWeb 20160116
Emsisoft 20160116
ESET-NOD32 20160116
F-Prot 20160116
F-Secure 20160116
Fortinet 20160116
GData 20160116
Ikarus 20160116
Jiangmin 20160116
K7AntiVirus 20160116
K7GW 20160116
Kaspersky 20160116
Malwarebytes 20160116
McAfee 20160116
McAfee-GW-Edition 20160116
eScan 20160116
NANO-Antivirus 20160116
nProtect 20160115
Panda 20160116
Qihoo-360 20160116
Rising 20160116
Sophos AV 20160116
SUPERAntiSpyware 20160116
Symantec 20160115
TheHacker 20160116
TrendMicro 20160116
TrendMicro-HouseCall 20160116
VBA32 20160115
VIPRE 20160116
ViRobot 20160116
Zillya 20160116
Zoner 20160116
The file being studied follows the Open XML file format! More specifically, it is a Office Open XML Document file.
Content types
bin
rels
wmf
xml
Package relationships
word/document.xml
docProps/app.xml
docProps/core.xml
Core document properties
dc:creator
Admin
cp:lastModifiedBy
Admin
cp:revision
2
dcterms:created
2013-05-13T09:20:00Z
dcterms:modified
2013-05-13T09:20:00Z
Application document properties
Template
Normal
TotalTime
0
Pages
1
Words
9
Characters
52
Application
Microsoft Office Word
DocSecurity
0
Lines
1
Paragraphs
1
ScaleCrop
false
vt:lpstr
Title
vt:i4
1
LinksUpToDate
false
CharactersWithSpaces
60
SharedDoc
false
HyperlinksChanged
false
AppVersion
14.0000
Document languages
Language
Prevalence
en-sg
2
en-us
1
ar-sa
1
ExifTool file metadata
SharedDoc
No

HyperlinksChanged
No

LinksUpToDate
No

LastModifiedBy
Admin

HeadingPairs
Title, 1

ZipFileName
docProps/

Template
Normal

ZipRequiredVersion
10

ModifyDate
2013:05:13 09:20:00Z

ZipCRC
0x00000000

Words
9

ScaleCrop
No

RevisionNumber
2

MIMEType
application/vnd.openxmlformats-officedocument.wordprocessingml.document

ZipBitFlag
0

CreateDate
2013:05:13 09:20:00Z

Lines
1

AppVersion
14.0

ZipUncompressedSize
0

ZipCompressedSize
0

Characters
52

CharactersWithSpaces
60

DocSecurity
None

ZipModifyDate
2016:01:16 16:21:16

FileType
DOCX

Application
Microsoft Office Word

TotalEditTime
0

ZipCompression
None

Pages
1

Creator
Admin

FileTypeExtension
docx

Paragraphs
1

The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
27
Uncompressed size
296728
Highest datetime
2016-01-16 16:21:16
Lowest datetime
2014-12-12 01:59:54
Contained files by extension
xml
11
bin
2
i64
1
idb
1
wmf
1
Contained files by type
XML
14
directory
8
unknown
4
Microsoft Office
1
File identification
MD5 cceb5cbbd8ef3b68f276ac3e2a76d2d6
SHA1 510dc291df7702b843b90da466cd53529b7f6008
SHA256 90e555a92c839cd28488db23846e4b0e89c4d81f84d96c6cf27a9acbfb5ebbf2
ssdeep
768:yHIFKFqGERiHS2bTdOtbgjZ27WCkozzunqqMRW8+AIvO9BSpZ5f+ZrS4:tYEYx/oY5CjziEW8QxN+R

File size 50.1 KB ( 51321 bytes )
File type Office Open XML Document
Magic literal
Zip archive data, at least v1.0 to extract

TrID Word Microsoft Office Open XML Format document (51.0%)
Open Packaging Conventions container (38.0%)
ZIP compressed archive (8.6%)
PrintFox/Pagefox bitmap (var. P) (2.1%)
Tags
docx

VirusTotal metadata
First submission 2016-01-16 15:26:39 UTC ( 3 years, 2 months ago )
Last submission 2016-01-22 20:11:19 UTC ( 3 years, 1 month ago )
File names tricky1.docx
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!