× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9ec003badd7ab5adeb79643e3a2b8ec1f1b6984153416e4a4bd27334e07558e4
File name: PO2241.doc
Detection ratio: 23 / 57
Analysis date: 2019-03-01 17:26:14 UTC ( 2 months, 2 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Exploit.CVE-2017-11882.Gen 20190301
AhnLab-V3 OLE/Cve-2017-11882.Gen 20190301
ALYac Exploit.CVE-2017-11882.Gen 20190301
Antiy-AVL Trojan[Exploit]/OLE.CVE-2017-11882 20190301
Arcabit Exploit.CVE-2017-11882.Gen 20190301
BitDefender Exploit.CVE-2017-11882.Gen 20190301
CAT-QuickHeal Exp.RTF.Obfus.Gen 20190228
Cyren CVE-2017-11882!Camelot 20190301
DrWeb Exploit.Rtf.CVE2012-0158 20190301
Emsisoft Exploit.CVE-2017-11882.Gen (B) 20190301
ESET-NOD32 probably a variant of Win32/Exploit.CVE-2017-11882.A 20190301
GData Exploit.CVE-2017-11882.Gen (2x) 20190301
Kaspersky HEUR:Exploit.MSOffice.Generic 20190301
MAX malware (ai score=80) 20190301
McAfee Exploit-CVE2017-11882.az 20190301
McAfee-GW-Edition Exploit-CVE2017-11882.az 20190301
eScan Exploit.CVE-2017-11882.Gen 20190301
NANO-Antivirus Exploit.OleNative.CVE-2017-11882.evenbv 20190301
Symantec Trojan.Gen.NPE 20190301
TACHYON Trojan-Exploit/RTF.CVE-2017-11882 20190301
Tencent Office.Exploit.Generic.Szbd 20190301
ZoneAlarm by Check Point HEUR:Exploit.Win32.CVE-2017-11882.a 20190301
Zoner Probably RTFBadVersion 20190228
Acronis 20190222
AegisLab 20190301
Alibaba 20180921
Avast 20190301
Avast-Mobile 20190301
AVG 20190301
Avira (no cloud) 20190301
Babable 20180918
Baidu 20190215
Bkav 20190301
ClamAV 20190303
CMC 20190301
Comodo 20190301
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
Cylance 20190301
eGambit 20190301
Endgame 20190215
F-Prot 20190301
F-Secure 20190301
Fortinet 20190301
Sophos ML 20181128
Jiangmin 20190301
K7AntiVirus 20190301
K7GW 20190301
Kingsoft 20190301
Malwarebytes 20190301
Microsoft 20190303
Palo Alto Networks (Known Signatures) 20190301
Panda 20190301
Qihoo-360 20190301
Rising 20190303
SentinelOne (Static ML) 20190203
Sophos AV 20190301
SUPERAntiSpyware 20190227
Symantec Mobile Insight 20190220
TheHacker 20190225
TotalDefense 20190303
Trapmine 20190301
TrendMicro 20190303
TrendMicro-HouseCall 20190303
Trustlook 20190301
VBA32 20190301
ViRobot 20190301
Webroot 20190301
Yandex 20190301
Zillya 20190228
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Summary
Revision time
2018-11-22 15:29:00
Version number
57435
Editing time
0
Author
gdsgf fdsgfdshr
Number of pages
3
Creation time
2018-11-22 15:29:00
Operator
gdsgf fdsgfdshr
Version
2
Number of characters
78
Number of words
13
Number of non whitespace characters
90
Document properties
Non ascii characters
0
Embedded drawings
0
Rtf header
rtlch
Default ansi codepage
Western European
Read only protection
False
User protection
False
Default character set
ANSI
Custom xml data properties
1
Dos stubs
0
Objects
OLE embedded
Embedded pictures
0
Longest hex string
6268
Default languages
English - United States, Arabic - Saudi Arabia
File identification
MD5 ce119b36409fc9b2fbb1706a0cb258ed
SHA1 07e6899a5e70dd3bc679afb70668566e0a870694
SHA256 9ec003badd7ab5adeb79643e3a2b8ec1f1b6984153416e4a4bd27334e07558e4
ssdeep
6144:K7p1JKaoX5pPx2WJ89syE4m6jTL92K8xAbh05X+XZj7qp6H3EQ3lqqpt7wPCIUGa:G

File size 266.8 KB ( 273180 bytes )
File type Rich Text Format
Magic literal
ASCII text, with very long lines, with CRLF, LF line terminators

TrID Unknown!
Tags
cve-2012-0158 ole-embedded exploit rtf cve-2017-11882

VirusTotal metadata
First submission 2019-03-01 17:26:14 UTC ( 2 months, 2 weeks ago )
Last submission 2019-03-01 17:26:14 UTC ( 2 months, 2 weeks ago )
File names PO2241.doc
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!