× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a4d8cb50f23010e3a716d0fc187a7ef96032eacea8a590a0c8ae46dbe38d6a3a
File name: doc.doc
Detection ratio: 38 / 59
Analysis date: 2018-07-05 06:22:40 UTC ( 9 months, 3 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.Script.767191 20180705
AhnLab-V3 RTF/Cve-2017-11882 20180705
ALYac Trojan.Script.767191 20180705
Antiy-AVL Trojan[Exploit]/OLE.CVE-2017-11882 20180705
Arcabit Trojan.Script.DBB4D7 20180705
Avira (no cloud) EXP/CVE-2017-11882.Gen 20180704
Baidu Win32.Exploit.CVE-2017-11882.b 20180705
BitDefender Trojan.Script.767191 20180705
CAT-QuickHeal Exp.RTF.CVE-2017-11882.H 20180704
ClamAV Rtf.Exploit.CVE_2017_11882-6398227-0 20180704
Cyren CVE-2017-11882.A.gen!Camelot 20180705
DrWeb Exploit.CVE2017-11882.7 20180705
Emsisoft Trojan.Script.767191 (B) 20180705
ESET-NOD32 Win32/Exploit.CVE-2017-11882.H 20180705
F-Prot RTF/CVE1711882 20180705
F-Secure Exploit:W97M/CVE-2017-0199.B 20180705
Fortinet MSOffice/CVE_2017_11882.A!exploit 20180705
GData Generic.Exploit.CVE-2017-11882.A 20180705
Ikarus Exploit.CVE-2017-11882 20180704
Jiangmin Heur:Exploit.CVE-2017-11882.Gen 20180705
K7AntiVirus Trojan ( 0051f3601 ) 20180705
K7GW Trojan ( 0051f3601 ) 20180705
Kaspersky HEUR:Exploit.MSOffice.Generic 20180705
MAX malware (ai score=83) 20180705
McAfee Exploit-CVE2017-11882.b 20180705
McAfee-GW-Edition Exploit-CVE2017-11882.b 20180705
Microsoft Trojan:Script/Foretype.A!ml 20180705
eScan Trojan.Script.767191 20180705
NANO-Antivirus Exploit.OleNative.CVE-2017-11882.evenbv 20180705
Qihoo-360 virus.exp.21711882.gen 20180705
Rising Exploit.CVE-2017-11882.Gen!1.AFD5 (CLASSIC) 20180705
Sophos AV Exp/201711882-A 20180705
Symantec Exp.CVE-2017-11882 20180705
TACHYON Trojan-Exploit/RTF.CVE-2017-11882 20180705
TrendMicro TROJ_CVE201711882.SM 20180705
TrendMicro-HouseCall TROJ_CVE201711882.SM 20180705
ZoneAlarm by Check Point HEUR:Exploit.Win32.CVE-2017-11882.a 20180705
Zoner Probably RTFEquation 20180704
AegisLab 20180705
Alibaba 20180704
Avast 20180705
Avast-Mobile 20180705
AVG 20180705
AVware 20180705
Babable 20180406
Bkav 20180704
CMC 20180704
Comodo 20180705
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cylance 20180705
eGambit 20180705
Endgame 20180612
Sophos ML 20180601
Kingsoft 20180705
Malwarebytes 20180705
Palo Alto Networks (Known Signatures) 20180705
Panda 20180704
SentinelOne (Static ML) 20180701
SUPERAntiSpyware 20180704
Tencent 20180705
TheHacker 20180628
Trustlook 20180705
VBA32 20180704
VIPRE 20180705
ViRobot 20180704
Webroot 20180705
Yandex 20180704
Zillya 20180704
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters
0
Embedded drawings
20
Rtf header
rtf1
Default ansi codepage
Western European
Generator
Riched20 6.3.9600
Read only protection
False
User protection
False
Default character set
ANSI
Custom xml data properties
0
Dos stubs
0
Objects
OLE embedded (Equation.3)
Embedded pictures
1
Longest hex string
7092
Default languages
English - United States
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

FileTypeExtension
rtf

File identification
MD5 e264dd487704623efc2b13c759b9bf2e
SHA1 22136a31df67a48ffab7b0a0fa7dabaa46e3d7b3
SHA256 a4d8cb50f23010e3a716d0fc187a7ef96032eacea8a590a0c8ae46dbe38d6a3a
ssdeep
96:MvZUG5VoWxkOGsvMVyRFENYfN2oy4hM1NOO:uZUGZxZvBpvZANOO

File size 8.4 KB ( 8596 bytes )
File type Rich Text Format
Magic literal
Rich Text Format data, version 1, ANSI

TrID Rich Text Format (100.0%)
Tags
ole-embedded exploit rtf cve-2017-11882 cve-2017-0199

VirusTotal metadata
First submission 2018-07-05 06:22:40 UTC ( 9 months, 3 weeks ago )
Last submission 2018-07-09 18:05:40 UTC ( 9 months, 2 weeks ago )
File names doc.doc
output.113566963.txt
doc.doc
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

FileTypeExtension
rtf

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!