× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: af5828503e6aebeaab1d87066e8bb6329cbee329014d50e1029d0c410798b9e7
File name: t58x46dy71np14vc10vm40j87fi12o.docx
Detection ratio: 29 / 58
Analysis date: 2017-05-01 12:10:09 UTC ( 3 months, 2 weeks ago )
Antivirus Result Update
ALYac Trojan.GenericKD.3830794 20170501
Arcabit Trojan.Generic.D3A740A 20170501
Avast VBS:Downloader-AKT [Trj] 20170501
Avira (no cloud) VBS/Dldr.Agent.32458 20170501
Baidu VBS.Trojan-Downloader.Agent.sq 20170428
BitDefender Trojan.GenericKD.3830794 20170501
CAT-QuickHeal OLE.Downloader.VBS.A 20170430
Cyren ZIP/Trojan.ACGI-8 20170501
Emsisoft Trojan.GenericKD.3830794 (B) 20170501
ESET-NOD32 VBS/TrojanDownloader.Agent.ONO 20170501
F-Secure Trojan.GenericKD.3830794 20170501
Fortinet WM/Agent.FFA6!tr.dldr 20170501
GData Trojan.GenericKD.3830794 20170501
Ikarus Trojan-Downloader.VBS.Agent 20170501
Kaspersky HEUR:Trojan-Downloader.Script.Generic 20170501
McAfee W97M/Dropper!37AE1EC5670F 20170501
McAfee-GW-Edition W97M/Dropper!37AE1EC5670F 20170501
Microsoft TrojanDownloader:JS/Swabfex.P 20170501
eScan Trojan.GenericKD.3830794 20170501
NANO-Antivirus Trojan.Script.Vbs-heuristic.druvzi 20170501
Qihoo-360 virus.vbs.qexvmc.1 20170501
Rising Downloader.Generic!8.141 (cloud:wHI3LfRyuwO) 20170501
Sophos AV Troj/DocDl-FIJ 20170501
Symantec Trojan.Gen.NPE 20170430
Tencent Vbs.Trojan-downloader.Agent.Altb 20170501
TrendMicro VBS_DLO.D8FB6891 20170501
TrendMicro-HouseCall VBS_DLO.D8FB6891 20170501
ViRobot DOC.Z.Agent.72297[h] 20170501
ZoneAlarm by Check Point HEUR:Trojan-Downloader.Script.Generic 20170501
Ad-Aware 20170501
AegisLab 20170501
AhnLab-V3 20170501
Alibaba 20170428
Antiy-AVL 20170501
AVG 20170501
AVware 20170501
ClamAV 20170430
CMC 20170427
Comodo 20170501
CrowdStrike Falcon (ML) 20170130
DrWeb 20170501
Endgame 20170419
F-Prot 20170501
Sophos ML 20170413
Jiangmin 20170428
K7AntiVirus 20170501
K7GW 20170426
Kingsoft 20170501
Malwarebytes 20170501
nProtect 20170501
Palo Alto Networks (Known Signatures) 20170501
Panda 20170501
SentinelOne (Static ML) 20170330
SUPERAntiSpyware 20170501
Symantec Mobile Insight 20170428
TheHacker 20170429
TotalDefense 20170426
Trustlook 20170501
VBA32 20170429
VIPRE 20170501
Webroot 20170501
WhiteArmor 20170409
Yandex 20170428
Zillya 20170428
Zoner 20170501
The file being studied follows the Open XML file format! More specifically, it is a Office Open XML Document file.
Content types
bin
rels
emf
jpg
xml
Package relationships
word/document.xml
docProps/app.xml
docProps/core.xml
Core document properties
dc:creator
saudis
lastModifiedBy
colleagues
revision
4
dcterms:created
2016-12-01T16:57:00.0000000Z
dcterms:modified
2016-12-02T12:22:00.0000000Z
Application document properties
Template
Normal.dotm
TotalTime
22
Pages
1
Words
604
Characters
3447
Application
Microsoft Office Word
DocSecurity
0
Lines
28
Paragraphs
8
ScaleCrop
false
vt:lpstr
Title
vt:i4
1
Company
Organization
LinksUpToDate
false
CharactersWithSpaces
4043
SharedDoc
false
HyperlinksChanged
false
AppVersion
15.0000
Document languages
Language
Prevalence
en-us
2
ar-sa
1
ExifTool file metadata
SharedDoc
No

CorePropertiesModified
2016-12-02T12:22:00.0000000Z

HyperlinksChanged
No

LinksUpToDate
No

CorePropertiesCreatedType
dcterms:W3CDTF

HeadingPairs
Title, 1

ZipFileName
[Content_Types].xml

Template
Normal.dotm

CorePropertiesXmlns
http://schemas.openxmlformats.org/package/2006/metadata/core-properties

ZipRequiredVersion
20

ZipCRC
0xafb86bde

Company
Organization

ZipBitFlag
0x0006

CorePropertiesCreated
2016-12-01T16:57:00.0000000Z

Characters
3447

Pages
1

MIMEType
application/vnd.openxmlformats-officedocument.wordprocessingml.document

Words
604

FileType
DOCX

Lines
28

AppVersion
15.0

ZipUncompressedSize
1775

ZipCompressedSize
399

CorePropertiesRevision
4

CharactersWithSpaces
4043

DocSecurity
None

ZipModifyDate
1980:01:01 00:00:00

Application
Microsoft Office Word

TotalEditTime
22 minutes

CorePropertiesCreator
saudis

ZipCompression
Deflated

ScaleCrop
No

FileTypeExtension
docx

Paragraphs
8

CorePropertiesLastModifiedBy
colleagues

CorePropertiesModifiedType
dcterms:W3CDTF

The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
22
Uncompressed size
162831
Highest datetime
2016-12-02 13:22:44
Lowest datetime
1980-01-01 00:00:00
Contained files by extension
xml
11
bin
4
emf
4
jpg
1
Contained files by type
XML
12
unknown
5
Microsoft Office
4
JPG
1
File identification
MD5 7eab96d2bc04ca155de035815b88ee00
SHA1 3eb8644cb7c1a4bc883f90cf0f14ba280b9561e6
SHA256 af5828503e6aebeaab1d87066e8bb6329cbee329014d50e1029d0c410798b9e7
ssdeep
1536:+54YSv131YiWNWlcXYtCVEPXnYdY9fTTy:+7Sv13SiWNWyYt5XYq5W

File size 70.6 KB ( 72297 bytes )
File type Office Open XML Document
Magic literal
Zip archive data, at least v2.0 to extract

TrID Word Microsoft Office Open XML Format document (52.2%)
Open Packaging Conventions container (38.8%)
ZIP compressed archive (8.8%)
Tags
docx

VirusTotal metadata
First submission 2016-12-02 14:15:52 UTC ( 8 months, 2 weeks ago )
Last submission 2017-01-04 18:30:15 UTC ( 7 months, 2 weeks ago )
File names t58x46dy71np14vc10vm40j87fi12o.docx
j28ky17ha34u6un4x99a.docx
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!