× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: acd5437e30417400dd41d5cf7c91b85f7d479b00510b9fa16e40a3cbc7ff45f4
File name: Customer statement 0001031389 as on 02052015-2.DOC
Detection ratio: 0 / 57
Analysis date: 2015-02-17 16:12:46 UTC ( 2 years, 6 months ago ) View latest
Antivirus Result Update
Ad-Aware 20150217
AegisLab 20150217
Yandex 20150216
AhnLab-V3 20150216
Alibaba 20150217
ALYac 20150217
Antiy-AVL 20150216
Avast 20150217
AVG 20150217
Avira (no cloud) 20150217
AVware 20150217
Baidu-International 20150216
BitDefender 20150217
Bkav 20150213
ByteHero 20150217
CAT-QuickHeal 20150217
ClamAV 20150217
CMC 20150214
Comodo 20150217
Cyren 20150217
DrWeb 20150217
Emsisoft 20150217
ESET-NOD32 20150217
F-Prot 20150217
F-Secure 20150217
Fortinet 20150216
GData 20150217
Ikarus 20150217
Jiangmin 20150216
K7AntiVirus 20150217
K7GW 20150217
Kaspersky 20150217
Kingsoft 20150217
Malwarebytes 20150217
McAfee 20150217
McAfee-GW-Edition 20150216
Microsoft 20150217
eScan 20150217
NANO-Antivirus 20150216
Norman 20150216
nProtect 20150216
Panda 20150216
Qihoo-360 20150217
Rising 20150216
Sophos AV 20150217
SUPERAntiSpyware 20150215
Symantec 20150217
Tencent 20150217
TheHacker 20150217
TotalDefense 20150216
TrendMicro 20150217
TrendMicro-HouseCall 20150217
VBA32 20150216
VIPRE 20150217
ViRobot 20150216
Zillya 20150216
Zoner 20150216
The file being studied follows the Compound Document File format! More specifically, it is a MS Word Document file.
Commonly abused properties
The studied file makes use of macros, a macro is a series of commands and instructions that you group together as a single command to accomplish a task automatically. Macros are often abused to perform malicious tasks when working with a document.
May open a file.
May write to a file.
May create additional files.
May create OLE objects.
Summary
last_author
1
creation_datetime
2015-01-19 14:52:00
template
Normal.dot
author
1
page_count
1
last_saved
2015-01-19 15:05:00
edit_time
720
revision_number
12
application_name
Microsoft Office Word
code_page
Cyrillic
Document summary
line_count
1
version
730895
paragraph_count
1
code_page
Cyrillic
OLE Streams
name
Root Entry
clsid
00020906-0000-0000-c000-000000000046
type_literal
root
clsid_literal
MS Word
sid
0
size
5760
type_literal
stream
size
113
name
\x01CompObj
sid
14
type_literal
stream
size
4096
name
\x05DocumentSummaryInformation
sid
4
type_literal
stream
size
4096
name
\x05SummaryInformation
sid
3
type_literal
stream
size
4096
name
1Table
sid
1
type_literal
stream
size
544
name
Macros/PROJECT
sid
13
type_literal
stream
size
92
name
Macros/PROJECTwm
sid
12
type_literal
stream
size
3081
type
macro
name
Macros/VBA/Module1
sid
8
type_literal
stream
size
21845
type
macro
name
Macros/VBA/Module11
sid
9
type_literal
stream
size
1102
type
macro
name
Macros/VBA/ThisDocument
sid
7
type_literal
stream
size
4946
name
Macros/VBA/_VBA_PROJECT
sid
10
type_literal
stream
size
598
name
Macros/VBA/dir
sid
11
type_literal
stream
size
4142
name
WordDocument
sid
2
Macros and VBA code streams
[+] ThisDocument.cls Macros/VBA/ThisDocument 33 bytes
[+] Module1.bas Macros/VBA/Module1 1220 bytes
[+] Module11.bas Macros/VBA/Module11 10680 bytes
create-file create-ole open-file write-file
ExifTool file metadata
SharedDoc
No

Author
1

CodePage
Windows Cyrillic

LinksUpToDate
No

LastModifiedBy
1

HeadingPairs
, 1

Template
Normal.dot

CharCountWithSpaces
0

CreateDate
2015:01:19 13:52:00

CompObjUserType
???????? Microsoft Office Word

ModifyDate
2015:01:19 14:05:00

HyperlinksChanged
No

Characters
0

ScaleCrop
No

RevisionNumber
12

MIMEType
application/msword

Words
0

FileType
DOC

Lines
1

AppVersion
11.9999

Security
None

Software
Microsoft Office Word

TotalEditTime
12.0 minutes

Pages
1

CompObjUserTypeLen
31

FileTypeExtension
doc

Paragraphs
1

File identification
MD5 b1e443c9898e734c46cc52f7a82b2ac1
SHA1 cfc53e61845fd968417e37dc139c1a24acadd892
SHA256 acd5437e30417400dd41d5cf7c91b85f7d479b00510b9fa16e40a3cbc7ff45f4
ssdeep
384:oRayicOxvyCs+gIJXtIplYPp/H+5+Sj+EV+49iKLvwowmAo4q8WBd/Z0jQHgk6Hd:gicSgqmTcldj9493Lvwo7u2LJHsHWa

File size 52.5 KB ( 53760 bytes )
File type MS Word Document
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1251, Author: 1, Template: Normal.dot, Last Saved By: 1, Revision Number: 12, Name of Creating Application: Microsoft Office Word, Total Editing Time: 12:00, Create Time/Date: Sun Jan 18 13:52:00 2015, Last Saved Time/Date: Sun Jan 18 14:05:00 2015, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0

TrID Microsoft Word document (80.0%)
Generic OLE2 / Multistream Compound File (20.0%)
Tags
open-file doc create-file macros attachment write-file create-ole

VirusTotal metadata
First submission 2015-02-17 10:17:52 UTC ( 2 years, 6 months ago )
Last submission 2015-02-18 15:59:49 UTC ( 2 years, 6 months ago )
File names 7a5db37fcf5811cd9034e65f11881189
24866dc30d26aa1dd92cb1da78b0976d
bbd474e3d6b18718997437a534d935c8
9184a24a94bf7c99c217805cb4a68e47
Customer statement 0001031389 as on 02052015.doc
458c706dafd5031ca7b4eceda6be20a6
e1f482a63c37437ffbf8d32a5212f94a
0f31b8304d114429b3b18d8896070ed5
869bf5dab2d22d77bc7f4866a4adc712
34a9245cf1600d23b838964cb0cf315e
2d8421914c06dd8eb1ad29f36abedb8a
bf15563cd5b0547f32a7bd11c9b73762
abe4f0f2526aab24f7d742f57f289a37
acac82cd3f141b1da3126e066ff552b8
fe9f858e38877769946ddb20ede63d8e
1e738f0f2ad155feb84c2bb7414cd824
Customer statement 0001031389 as on 02052015.DOC
6dd47ff513d1dc9050c70134d376ec4a
010b97ab409899b442ac4d71c3f60f59
5fb5fe326b178e881e05bcb84ae6253c
1188f5bfd081d488ab5f75c64f746ebd
450d869710874e47724ce9f863a2910e
Customer_statement_as_on_02052015.DOC
640947e5cc31ae1a4b04f7cf187733e6
Customer statement 0001031389 as on 02052015-2.DOC
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!