× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9372b5d6122903a95daa5bcc4c1a51eb98c41d838e83d17296013e6d00b2b621
File name: mal3.doc
Detection ratio: 6 / 56
Analysis date: 2015-10-21 11:50:13 UTC ( 3 years, 7 months ago )
Antivirus Result Update
Avira (no cloud) HEUR/Macro.Downloader 20151021
AVware LooksLike.Macro.Malware.gen!d3 (v) 20151021
Fortinet WM/Agent!tr 20151021
Panda W97M/Downloader 20151021
Sophos AV Troj/DocDl-ACU 20151021
VIPRE LooksLike.Macro.Malware.gen!d3 (v) 20151021
Ad-Aware 20151021
AegisLab 20151021
Yandex 20151020
AhnLab-V3 20151021
Alibaba 20151021
ALYac 20151021
Antiy-AVL 20151021
Arcabit 20151021
Avast 20151021
AVG 20151021
Baidu-International 20151021
BitDefender 20151021
Bkav 20151021
ByteHero 20151021
CAT-QuickHeal 20151021
ClamAV 20151021
CMC 20151021
Comodo 20151021
Cyren 20151021
DrWeb 20151021
Emsisoft 20151021
ESET-NOD32 20151021
F-Prot 20151021
F-Secure 20151021
GData 20151021
Ikarus 20151021
Jiangmin 20151020
K7AntiVirus 20151021
K7GW 20151021
Kaspersky 20151021
Kingsoft 20151021
Malwarebytes 20151021
McAfee 20151021
McAfee-GW-Edition 20151021
Microsoft 20151021
eScan 20151021
NANO-Antivirus 20151021
nProtect 20151021
Qihoo-360 20151021
Rising 20151020
SUPERAntiSpyware 20151021
Symantec 20151020
Tencent 20151021
TheHacker 20151020
TrendMicro 20151021
TrendMicro-HouseCall 20151021
VBA32 20151020
ViRobot 20151021
Zillya 20151020
Zoner 20151021
The file being studied follows the Compound Document File format! More specifically, it is a MS Word Document file.
Summary
last_author
1
creation_datetime
2015-10-21 07:16:00
template
Normal
author
1
page_count
1
last_saved
2015-10-21 07:17:00
revision_number
4
application_name
Microsoft Office Word
code_page
Cyrillic
Document summary
company
Home
version
917504
code_page
Cyrillic
OLE Streams
kids
\\x01CompObj, \\x05DocumentSummaryInformation, \\x05SummaryInformation, 1Table, Macros, WordDocument
name
Root Entry
clsid
00020906-0000-0000-c000-000000000046
type_literal
root
clsid_literal
MS Word
size
3520
type_literal
stream
md5
ba2bb1860d5a788ca9a14cbc5f35b32b
entropy
6.00311954288
name
1Table
size
10198
type_literal
stream
md5
8e9d252e51b740a99ee560b24bcb9313
entropy
1.05187808673
name
WordDocument
size
4096
type_literal
stream
md5
c7ce91327e58a9f0555cf40e8dd109e0
entropy
0.399117055667
name
\\x05SummaryInformation
size
4096
type_literal
stream
md5
a6753f797f2d81b266ee51f9d1a04294
entropy
0.259922989155
name
\\x05DocumentSummaryInformation
size
4096
type_literal
storage
kids
PROJECT, PROJECTwm, VBA
name
Macros
size
0
type_literal
storage
kids
Module1, Module2, Module3, ThisDocument, _VBA_PROJECT, dir
name
VBA
size
0
type_literal
stream
md5
1df671041ea00e84fcd731caa7adcda6
entropy
4.42107393569
name
\\x01CompObj
size
114
ExifTool file metadata
MIMEType
image/vnd.fpx

FileType
FPX

Warning
Error loading Mini-FAT stream

FileTypeExtension
fpx

File identification
MD5 aea969e529815ae652a346f130be9fe9
SHA1 a1f9dfe6b2e4e6c7abdd4f803b5d4dd9993c3a88
SHA256 9372b5d6122903a95daa5bcc4c1a51eb98c41d838e83d17296013e6d00b2b621
ssdeep
1536:ERavyoUVpI7orDL0yzPbLMwGtppGqroiv9kSolyWEfJI:SavkzI7orDL0yzPbLTGtppWiv9GyWE

File size 93.5 KB ( 95743 bytes )
File type MS Word Document
Magic literal
CDF V2 Document, corrupt: Cannot read short stream

TrID Microsoft Word document (54.2%)
Microsoft Word document (old ver.) (32.2%)
Generic OLE2 / Multistream Compound File (13.5%)
Tags
doc macros

VirusTotal metadata
First submission 2015-10-21 11:50:13 UTC ( 3 years, 7 months ago )
Last submission 2015-10-21 11:50:13 UTC ( 3 years, 7 months ago )
File names mal3.doc
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!