× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: afaebb8055559ea6bf88cedcd6fc7b93f02cde31a560876bcc4860fd0686739d
File name: 5F9B7A70CA665A54F8879A6A16F6ADDE.xls.malware
Detection ratio: 37 / 53
Analysis date: 2014-06-24 10:39:00 UTC ( 9 months, 4 weeks ago )
Antivirus Result Update
AVG Exploit_c.XKZ 20140624
Ad-Aware Exploit.CVE-2009-3129.Gen 20140624
AhnLab-V3 XLS/Cve-2009-3129 20140624
AntiVir EXP/Excel.CVE-2009-3129 20140624
Avast XLS:CVE-2009-3129 [Expl] 20140624
BitDefender Exploit.CVE-2009-3129.Gen 20140624
Bkav Exploit.CVE-2009-3129.Heur 20140623
CAT-QuickHeal Shell.Gen.AI 20140624
Commtouch Exploit/XLS.gen 20140624
Comodo UnclassifiedMalware 20140624
DrWeb Exploit.Excel.18 20140624
Emsisoft Trojan-Dropper.MSWord.Agent (A) 20140624
F-Prot Exploit/XLS.gen 20140624
F-Secure Exploit.CVE-2009-3129.Gen 20140624
Fortinet MSExcel/CVE_2009_3129.A!exploit 20140624
GData Exploit.CVE-2009-3129.Gen 20140624
Ikarus Trojan-Dropper.MSWord.Agent 20140624
K7AntiVirus Trojan ( 0040f0511 ) 20140623
K7GW Trojan ( 0040f0511 ) 20140623
Kaspersky Trojan-Dropper.MSWord.Agent.ga 20140624
McAfee Exploit-MSExcel.ac 20140624
McAfee-GW-Edition Heuristic.BehavesLike.Exploit.X97.CodeExec.O 20140623
MicroWorld-eScan Exploit.CVE-2009-3129.Gen 20140624
Microsoft Exploit:Win32/CVE-2009-3129 20140624
NANO-Antivirus Exploit.MSExcel.CVE-2009-3129.ccxskf 20140624
Norman Shellcode.B 20140624
Qihoo-360 virus.exp.ole.17 20140624
Rising NORMAL:Hack.Exploit.Macro.CVE-2009-3129.a!1611213 20140623
Sophos Troj/DocDrop-S 20140624
Symantec Backdoor.Rocra 20140624
Tencent Word.Trojan-dropper.Agent.Szvv 20140624
TrendMicro TROJ_OLEXP.B 20140624
TrendMicro-HouseCall TROJ_OLEXP.B 20140624
VBA32 Exploit.Win32.OLE.77 20140624
VIPRE Exploit.Excel.CVE-2009-3129 (v) 20140624
ViRobot MSWord.A.Agent.559616 20140624
nProtect Exploit.CVE-2009-3129.Gen 20140624
AegisLab 20140624
Agnitum 20140623
Antiy-AVL 20140624
Baidu-International 20140624
ByteHero 20140624
CMC 20140624
ClamAV 20140624
Jiangmin 20140624
Kingsoft 20140624
Malwarebytes 20140624
Panda 20140624
SUPERAntiSpyware 20140624
TheHacker 20140622
TotalDefense 20140624
Zillya 20140624
Zoner 20140616
The file being studied follows the Compound Document File format! More specifically, it is a MS Excel Spreadsheet file.
Summary
last_author
qq
creation_datetime
1996-12-17 02:32:42
title
last_saved
2009-11-26 04:35:15
application_name
Microsoft Excel
code_page
Simplified Chinese GBK
Document summary
version
730895
code_page
Simplified Chinese GBK
OLE Streams
kids
\\x05DocumentSummaryInformation, \\x05SummaryInformation, Workbook
name
Root Entry
clsid
00020820-0000-0000-c000-000000000046
type_literal
root
clsid_literal
MS Excel
size
0
type_literal
stream
md5
9b59a049faf199686cdb89a8d2f2427f
entropy
2.36226275467
name
Workbook
size
16373
type_literal
stream
md5
36860842b8912675a952591146b8e610
entropy
0.27691401055
name
\\x05SummaryInformation
size
4096
type_literal
stream
md5
e93a6d0574ea347ff55427998b44c3a7
entropy
0.239946948561
name
\\x05DocumentSummaryInformation
size
4096
ExifTool file metadata
MIMEType
application/vnd.ms-excel

CodePage
Windows Simplified Chinese (PRC, Singapore)

ModifyDate
2009:11:26 03:35:15

TitleOfParts
Sheet1

SharedDoc
No

FileType
XLS

AppVersion
11.9999

LinksUpToDate
No

ScaleCrop
No

LastModifiedBy
qq

HeadingPairs
??????, 1

FileAccessDate
2014:06:24 11:39:07+01:00

HyperlinksChanged
No

Security
None

FileCreateDate
2014:06:24 11:39:07+01:00

CreateDate
1996:12:17 01:32:42

Software
Microsoft Excel

Compressed bundles
File identification
MD5 5f9b7a70ca665a54f8879a6a16f6adde
SHA1 b5e7b7986725d33be76a2a447886bcaee218194a
SHA256 afaebb8055559ea6bf88cedcd6fc7b93f02cde31a560876bcc4860fd0686739d
ssdeep
12288:neAaJhRatm/2DYQBEq41A4CDdGc+E/sJMn+uolVecx3Nw:nenRF/vzPCsDE/WepolVhw

File size 546.5 KB ( 559616 bytes )
File type MS Excel Spreadsheet
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 5.2, Code page: 936, Title: , Last Saved By: qq, Name of Creating Application: Microsoft Excel, Create Time/Date: Mon Dec 16 01:32:42 1996, Last Saved Time/Date: Wed Nov 25 03:35:15 2009, Security: 0

TrID Microsoft Excel sheet (48.0%)
Microsoft Excel sheet (alternate) (39.2%)
Generic OLE2 / Multistream Compound File (12.8%)
Tags
exploit xls cve-2009-3129

VirusTotal metadata
First submission 2011-10-05 22:56:27 UTC ( 3 years, 6 months ago )
Last submission 2014-06-24 10:39:00 UTC ( 9 months, 4 weeks ago )
File names 5F9B7A70CA665A54F8879A6A16F6ADDE.xls.malware
5f9b7a70ca665a54f8879a6a16f6adde
file-5034526_xls
1.xls
EEAS-Staff New contact list (05-25-2011).xls
5f9b7a70ca665a54f8879a6a16f6adde.virus
5f9b7a70ca665a54f8879a6a16f6adde.xls
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!