× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9f3822a4c6a824eae53239d2d1b9a1d6b15038311626f1374b76126dc693cdc3
File name: zbetcheckin_tracker_important.doc
Detection ratio: 1 / 58
Analysis date: 2018-11-30 03:40:58 UTC ( 2 months, 2 weeks ago ) View latest
Antivirus Result Update
Baidu MSWord.Trojan.EncPackage.a 20181129
Ad-Aware 20181130
AegisLab 20181130
AhnLab-V3 20181129
Alibaba 20180921
ALYac 20181130
Antiy-AVL 20181130
Arcabit 20181130
Avast 20181130
Avast-Mobile 20181129
AVG 20181130
Avira (no cloud) 20181129
Babable 20180918
BitDefender 20181130
Bkav 20181129
CAT-QuickHeal 20181129
ClamAV 20181129
CMC 20181129
Comodo 20181130
CrowdStrike Falcon (ML) 20181022
Cybereason 20180308
Cylance 20181130
Cyren 20181130
DrWeb 20181130
eGambit 20181130
Emsisoft 20181130
Endgame 20181108
ESET-NOD32 20181130
F-Prot 20181130
F-Secure 20181130
Fortinet 20181130
Ikarus 20181129
Sophos ML 20181128
Jiangmin 20181130
K7AntiVirus 20181129
K7GW 20181129
Kaspersky 20181130
Kingsoft 20181130
Malwarebytes 20181130
MAX 20181130
McAfee 20181130
McAfee-GW-Edition 20181130
Microsoft 20181130
eScan 20181130
NANO-Antivirus 20181130
Palo Alto Networks (Known Signatures) 20181130
Panda 20181129
Qihoo-360 20181130
Rising 20181130
SentinelOne (Static ML) 20181011
Sophos AV 20181130
SUPERAntiSpyware 20181128
Symantec 20181129
Symantec Mobile Insight 20181121
TACHYON 20181130
Tencent 20181130
TheHacker 20181129
TotalDefense 20181129
TrendMicro 20181130
TrendMicro-HouseCall 20181130
Trustlook 20181130
VBA32 20181129
VIPRE 20181129
ViRobot 20181129
Webroot 20181130
Yandex 20181129
Zillya 20181129
ZoneAlarm by Check Point 20181130
Zoner 20181130
The file being studied follows the Compound Document File format! More specifically, it is a MS Word Document file.
Summary
subject
eigxpebe
code_page
Latin I
author
fmbln
OLE Streams
name
Root Entry
clsid
type_literal
root
clsid_literal
on
sid
0
size
1024
type_literal
stream
sid
12
name
\x05SummaryInformation
size
140
type_literal
stream
sid
8
name
\x06DataSpaces/DataSpaceInfo/StrongEncryptionDataSpace
size
64
type_literal
stream
sid
6
name
\x06DataSpaces/DataSpaceMap
size
112
type_literal
stream
sid
11
name
\x06DataSpaces/TransformInfo/StrongEncryptionTransform/\x06Primary
size
208
type_literal
stream
sid
5
name
\x06DataSpaces/Version
size
76
type_literal
stream
sid
3
name
EncryptedPackage
size
31672
type_literal
stream
sid
2
name
EncryptionInfo
size
224
type_literal
stream
sid
1
name
WordDocument
size
4096
ExifTool file metadata
MIMEType
image/vnd.fpx

Author
fmbln

LocaleIndicator
1033

Warning
[minor] Invalid FIB signature

FileTypeExtension
fpx

CodePage
Windows Latin 1 (Western European)

FileType
FPX

Subject
eigxpebe

File identification
MD5 ea00fbfcaf1e9877cd635c8b3115618a
SHA1 d41b1f2c021f1b4866c5c9afb3662af65e7872f1
SHA256 9f3822a4c6a824eae53239d2d1b9a1d6b15038311626f1374b76126dc693cdc3
ssdeep
768:81/Z21y/n5qku/yJazFdamXIIJCcg+GEFT6GbA6E:uZ2kYesPIwTY

File size 39.5 KB ( 40448 bytes )
File type MS Word Document
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 10.0, Code page: 1252, Locale ID: 1033, Author: fmbln, Subject: eigxpebe

TrID Generic OLE2 / Multistream Compound File (100.0%)
Tags
doc

VirusTotal metadata
First submission 2018-11-30 03:40:58 UTC ( 2 months, 2 weeks ago )
Last submission 2018-12-01 18:33:23 UTC ( 2 months, 2 weeks ago )
File names zbetcheckin_tracker_important.doc
important.doc
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!