× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: af5828503e6aebeaab1d87066e8bb6329cbee329014d50e1029d0c410798b9e7
File name: t58x46dy71np14vc10vm40j87fi12o.docx
Detection ratio: 28 / 58
Analysis date: 2017-04-29 19:13:10 UTC ( 15 hours, 39 minutes ago )
Antivirus Result Update
AegisLab Troj.Downloader.Script!c 20170429
ALYac Trojan.GenericKD.3830794 20170429
Arcabit Trojan.Generic.D3A740A 20170429
Avast VBS:Downloader-AKT [Trj] 20170429
Avira (no cloud) VBS/Dldr.Agent.32458 20170429
Baidu VBS.Trojan-Downloader.Agent.sq 20170428
BitDefender Trojan.GenericKD.3830794 20170429
CAT-QuickHeal OLE.Downloader.VBS.A 20170429
Cyren ZIP/Trojan.ACGI-8 20170429
Emsisoft Trojan.GenericKD.3830794 (B) 20170429
ESET-NOD32 VBS/TrojanDownloader.Agent.ONO 20170429
F-Secure Trojan.GenericKD.3830794 20170429
Fortinet WM/Agent.FFA6!tr.dldr 20170429
GData Trojan.GenericKD.3830794 20170429
Ikarus Trojan-Downloader.VBS.Agent 20170429
Kaspersky HEUR:Trojan-Downloader.Script.Generic 20170429
McAfee W97M/Dropper!37AE1EC5670F 20170429
McAfee-GW-Edition W97M/Dropper!37AE1EC5670F 20170429
Microsoft TrojanDownloader:JS/Swabfex.P 20170429
NANO-Antivirus Trojan.Script.Vbs-heuristic.druvzi 20170429
Qihoo-360 virus.vbs.qexvmc.1 20170429
Rising Downloader.Generic!8.141 (cloud:wHI3LfRyuwO) 20170429
Sophos Troj/DocDl-FIJ 20170429
Symantec Trojan.Gen.NPE 20170429
Tencent Vbs.Trojan-downloader.Agent.Altb 20170429
TrendMicro-HouseCall VBS_DLO.D8FB6891 20170429
ViRobot DOC.Z.Agent.72297[h] 20170429
ZoneAlarm by Check Point HEUR:Trojan-Downloader.Script.Generic 20170429
Ad-Aware 20170429
AhnLab-V3 20170429
Alibaba 20170428
Antiy-AVL 20170429
AVG 20170429
AVware 20170429
ClamAV 20170429
CMC 20170427
Comodo 20170429
CrowdStrike Falcon (ML) 20170130
DrWeb 20170429
Endgame 20170419
F-Prot 20170429
Invincea 20170413
Jiangmin 20170428
K7AntiVirus 20170429
K7GW 20170426
Kingsoft 20170429
Malwarebytes 20170429
eScan 20170429
nProtect 20170429
Palo Alto Networks (Known Signatures) 20170429
Panda 20170429
SentinelOne (Static ML) 20170330
SUPERAntiSpyware 20170429
Symantec Mobile Insight 20170428
TheHacker 20170428
TotalDefense 20170426
TrendMicro 20170429
Trustlook 20170429
VBA32 20170429
VIPRE 20170429
Webroot 20170429
WhiteArmor 20170409
Yandex 20170428
Zillya 20170428
Zoner 20170429
The file being studied follows the Open XML file format! More specifically, it is a Office Open XML Document file.
Content types
bin
rels
emf
jpg
xml
Package relationships
word/document.xml
docProps/app.xml
docProps/core.xml
Core document properties
dc:creator
saudis
lastModifiedBy
colleagues
revision
4
dcterms:created
2016-12-01T16:57:00.0000000Z
dcterms:modified
2016-12-02T12:22:00.0000000Z
Application document properties
Template
Normal.dotm
TotalTime
22
Pages
1
Words
604
Characters
3447
Application
Microsoft Office Word
DocSecurity
0
Lines
28
Paragraphs
8
ScaleCrop
false
vt:lpstr
Title
vt:i4
1
Company
Organization
LinksUpToDate
false
CharactersWithSpaces
4043
SharedDoc
false
HyperlinksChanged
false
AppVersion
15.0000
Document languages
Language
Prevalence
en-us
2
ar-sa
1
ExifTool file metadata
SharedDoc
No

CorePropertiesModified
2016-12-02T12:22:00.0000000Z

HyperlinksChanged
No

LinksUpToDate
No

CorePropertiesCreatedType
dcterms:W3CDTF

HeadingPairs
Title, 1

ZipFileName
[Content_Types].xml

Template
Normal.dotm

CorePropertiesXmlns
http://schemas.openxmlformats.org/package/2006/metadata/core-properties

ZipRequiredVersion
20

ZipCRC
0xafb86bde

Company
Organization

ZipBitFlag
0x0006

CorePropertiesCreated
2016-12-01T16:57:00.0000000Z

Characters
3447

Pages
1

MIMEType
application/vnd.openxmlformats-officedocument.wordprocessingml.document

Words
604

FileType
DOCX

Lines
28

AppVersion
15.0

ZipUncompressedSize
1775

ZipCompressedSize
399

CorePropertiesRevision
4

CharactersWithSpaces
4043

DocSecurity
None

ZipModifyDate
1980:01:01 00:00:00

Application
Microsoft Office Word

TotalEditTime
22 minutes

CorePropertiesCreator
saudis

ZipCompression
Deflated

ScaleCrop
No

FileTypeExtension
docx

Paragraphs
8

CorePropertiesLastModifiedBy
colleagues

CorePropertiesModifiedType
dcterms:W3CDTF

The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
22
Uncompressed size
162831
Highest datetime
2016-12-02 13:22:44
Lowest datetime
1980-01-01 00:00:00
Contained files by extension
xml
11
bin
4
emf
4
jpg
1
Contained files by type
XML
12
unknown
5
Microsoft Office
4
JPG
1
File identification
MD5 7eab96d2bc04ca155de035815b88ee00
SHA1 3eb8644cb7c1a4bc883f90cf0f14ba280b9561e6
SHA256 af5828503e6aebeaab1d87066e8bb6329cbee329014d50e1029d0c410798b9e7
ssdeep
1536:+54YSv131YiWNWlcXYtCVEPXnYdY9fTTy:+7Sv13SiWNWyYt5XYq5W

File size 70.6 KB ( 72297 bytes )
File type Office Open XML Document
Magic literal
Zip archive data, at least v2.0 to extract

TrID Word Microsoft Office Open XML Format document (52.2%)
Open Packaging Conventions container (38.8%)
ZIP compressed archive (8.8%)
Tags
docx

VirusTotal metadata
First submission 2016-12-02 14:15:52 UTC ( 4 months, 4 weeks ago )
Last submission 2017-01-04 18:30:15 UTC ( 3 months, 3 weeks ago )
File names t58x46dy71np14vc10vm40j87fi12o.docx
j28ky17ha34u6un4x99a.docx
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!