× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a906ac8dca43389c14aa623ab3394c2e09c1d185ce318fc9931aa9a54a7fc605
File name: alWExploit.doc
Detection ratio: 40 / 58
Analysis date: 2018-11-13 21:42:23 UTC ( 5 months, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.Script.767191 20181112
AhnLab-V3 RTF/Cve-2017-11882 20181113
ALYac Trojan.Script.767191 20181113
Antiy-AVL Trojan[Exploit]/OLE.CVE-2017-11882 20181113
Arcabit Trojan.Script.DBB4D7 20181113
Avira (no cloud) EXP/CVE-2017-11882.Gen 20181113
Baidu Win32.Exploit.CVE-2017-11882.b 20181112
BitDefender Trojan.Script.767191 20181113
CAT-QuickHeal Exp.RTF.CVE-2017-11882.H 20181113
ClamAV Rtf.Exploit.CVE_2017_11882-6584355-0 20181113
Comodo Exploit.Script.Agent.CVE 20181113
Cyren CVE-2017-11882.A.gen!Camelot 20181113
DrWeb Exploit.CVE2017-11882.7 20181113
Emsisoft Trojan.Script.767191 (B) 20181113
ESET-NOD32 Win32/Exploit.CVE-2017-11882.H 20181113
F-Prot RTF/CVE1711882 20181113
F-Secure Exploit:W97M/CVE-2017-0199.B 20181113
Fortinet MSOffice/CVE_2017_11882.A!exploit 20181113
GData Generic.Exploit.CVE-2017-11882.A 20181113
Ikarus Exploit.CVE-2017-11882 20181113
Jiangmin Heur:Exploit.CVE-2017-11882.Gen 20181113
K7AntiVirus Trojan ( 0051f3601 ) 20181113
K7GW Trojan ( 0051f3601 ) 20181113
Kaspersky HEUR:Exploit.MSOffice.Generic 20181113
MAX malware (ai score=94) 20181113
McAfee Exploit-CVE2017-11882.b 20181113
McAfee-GW-Edition Exploit-CVE2017-11882.b 20181113
Microsoft Exploit:O97M/Vigorf.A 20181113
eScan Trojan.Script.767191 20181113
NANO-Antivirus Exploit.OleNative.CVE-2017-11882.evenbv 20181113
Qihoo-360 virus.exp.21711882.gen 20181113
Rising Exploit.CVE-2017-11882/SLT!1.AEE3 (CLASSIC) 20181113
Sophos AV Exp/201711882-A 20181113
Symantec Exp.CVE-2017-11882 20181113
TACHYON Trojan-Exploit/RTF.CVE-2017-11882 20181113
Tencent Unk.Win32.Script.404097 20181113
TrendMicro TROJ_CVE201711882.SM 20181113
TrendMicro-HouseCall TROJ_CVE201711882.SM 20181113
ZoneAlarm by Check Point HEUR:Exploit.Win32.CVE-2017-11882.a 20181113
Zoner Probably RTFEquation 20181113
AegisLab 20181113
Alibaba 20180921
Avast 20181113
Avast-Mobile 20181113
AVG 20181113
Babable 20180918
Bkav 20181113
CMC 20181113
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
Cylance 20181113
eGambit 20181113
Endgame 20181108
Sophos ML 20181108
Kingsoft 20181113
Malwarebytes 20181113
Palo Alto Networks (Known Signatures) 20181113
Panda 20181113
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181107
Symantec Mobile Insight 20181108
TheHacker 20181108
TotalDefense 20181113
Trustlook 20181113
VBA32 20181113
VIPRE 20181113
ViRobot 20181113
Webroot 20181113
Yandex 20181113
Zillya 20181113
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters
0
Embedded drawings
20
Rtf header
rtf1
Default ansi codepage
Western European
Generator
Riched20 6.3.9600
Read only protection
False
User protection
False
Default character set
ANSI
Custom xml data properties
0
Dos stubs
0
Objects
OLE embedded (Equation.3)
Embedded pictures
1
Longest hex string
7092
Default languages
English - United States
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

FileTypeExtension
rtf

File identification
MD5 3c99993b442c76dc4fb486d3a19a9a0e
SHA1 41527499a6068bb45f2af84e54e170e2085454c8
SHA256 a906ac8dca43389c14aa623ab3394c2e09c1d185ce318fc9931aa9a54a7fc605
ssdeep
96:MvZUG5VoWxXOGsvMVyRFENYfN2oy4hM1NOO:uZUGZxKvBpvZANOO

File size 8.4 KB ( 8596 bytes )
File type Rich Text Format
Magic literal
Rich Text Format data, version 1, ANSI

TrID Rich Text Format (100.0%)
Tags
ole-embedded exploit rtf cve-2017-11882 cve-2017-0199

VirusTotal metadata
First submission 2018-11-13 19:19:29 UTC ( 5 months, 1 week ago )
Last submission 2018-11-13 21:42:23 UTC ( 5 months, 1 week ago )
File names 19899025
alWExploit.doc
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

FileTypeExtension
rtf

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!