× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9d6f9e9cb965258c9a840158cc959fd2a2174d242361b37dcff8cdd39c7a7734
File name: 9e9cb965258c9a840158cc959fd2a2174d242361b37dcff8cdd39c7a7734.bin
Detection ratio: 24 / 56
Analysis date: 2018-10-28 13:59:44 UTC ( 5 months, 3 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Exploit.RTF-ObfsStrm.Gen 20181028
AhnLab-V3 RTF/Malform-A.Gen 20181028
Antiy-AVL Trojan[Exploit]/RTF.CVE-2017-0199 20181028
Arcabit Exploit.RTF-ObfsStrm.Gen 20181028
Avira (no cloud) EXP/CVE-2017-0199.Gen 20181028
Baidu Win32.Exploit.CVE-2017-0199.g 20181026
BitDefender Exploit.RTF-ObfsStrm.Gen 20181028
CAT-QuickHeal Exp.RTF.CVE-2017-0199.AL 20181028
DrWeb Exploit.Rtf.CVE2012-0158 20181028
Emsisoft Exploit.RTF-ObfsStrm.Gen (B) 20181028
ESET-NOD32 Win32/Exploit.Agent.MY 20181028
F-Secure Exploit.RTF-ObfsStrm.Gen 20181028
GData Script.Exploit.CVE-2017-0199.A 20181028
Ikarus Exploit.CVE-2017-8570 20181028
Kaspersky HEUR:Exploit.MSOffice.Generic 20181028
MAX malware (ai score=83) 20181028
eScan Exploit.RTF-ObfsStrm.Gen 20181028
NANO-Antivirus Exploit.Rtf.Heuristic-rtf.dinbqn 20181028
Qihoo-360 susp.rtf.objupdate.c 20181028
TACHYON Suspicious/RTF.Obfus.Gen 20181028
TrendMicro Trojan.Win32.CVE201711882.SMA 20181028
TrendMicro-HouseCall Trojan.Win32.CVE201711882.SMA 20181028
ZoneAlarm by Check Point HEUR:Exploit.MSOffice.Generic 20181028
Zoner Probably RTFBadSpacing 20181027
AegisLab 20181028
Alibaba 20180921
ALYac 20181028
Avast 20181028
Avast-Mobile 20181028
AVG 20181028
Babable 20180918
Bkav 20181025
ClamAV 20181028
CMC 20181028
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20181028
Cyren 20181028
eGambit 20181028
Endgame 20180730
F-Prot 20181028
Fortinet 20181028
Sophos ML 20180717
Jiangmin 20181028
K7AntiVirus 20181028
K7GW 20181025
Kingsoft 20181028
Malwarebytes 20181028
McAfee 20181028
McAfee-GW-Edition 20181028
Microsoft 20181028
Palo Alto Networks (Known Signatures) 20181028
Panda 20181028
Rising 20181028
SentinelOne (Static ML) 20181011
Sophos AV 20181028
SUPERAntiSpyware 20181022
Symantec 20181027
Symantec Mobile Insight 20181026
Tencent 20181028
TheHacker 20181025
TotalDefense 20181028
Trustlook 20181028
VBA32 20181026
ViRobot 20181028
Webroot 20181028
Yandex 20181026
Zillya 20181028
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters
0
Embedded drawings
0
Rtf header
rtv0
Longest hex string
1823
Read only protection
False
User protection
False
Default character set
ANSI (default)
Custom xml data properties
0
Dos stubs
0
Objects
OLE autolink (\'57\'6f\'72\'64.Document.8)
Embedded pictures
0
Default languages
English - United States, Arabic - Saudi Arabia, Chinese - People's Republic of China
File identification
MD5 7df590d5ca3fa2a53eef0afd8b4ecd33
SHA1 235fda8ac734ac1c059097ca3e6ddb71b6658513
SHA256 9d6f9e9cb965258c9a840158cc959fd2a2174d242361b37dcff8cdd39c7a7734
ssdeep
48:W/+zcrr/V/CQEEcU5HVEglNFb4Sn0v/e86nm:W/cs/V/Cy53brnI286nm

File size 42.4 KB ( 43461 bytes )
File type Rich Text Format
Magic literal
data

TrID Unknown!
Tags
rtf cve-2017-11882 cve-2017-8570 exploit ole-autolink cve-2017-0199

VirusTotal metadata
First submission 2018-10-28 13:59:44 UTC ( 5 months, 3 weeks ago )
Last submission 2018-10-28 13:59:44 UTC ( 5 months, 3 weeks ago )
File names 9e9cb965258c9a840158cc959fd2a2174d242361b37dcff8cdd39c7a7734.bin
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!