× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b30fd5d4f9cddb11197168775824198e67779d3f4b9b9c62ca18ae09e4bc6454
File name: Invoice.doc
Detection ratio: 20 / 56
Analysis date: 2015-04-08 02:29:07 UTC ( 2 years ago ) View latest
Antivirus Result Update
Ad-Aware Exploit.CVE-2014-1761.B 20150408
AhnLab-V3 RTF/Cve-2014-1761 20150407
ALYac Exploit.CVE-2014-1761.B 20150408
AVG Exploit_c.ACAL 20150408
AVware Exploit.RTF.CVE-2014-1761.a (v) 20150408
BitDefender Exploit.CVE-2014-1761.B 20150408
CAT-QuickHeal Exp.RTF.CVE-2012-0158.A 20150407
DrWeb Exploit.Rtf.CVE2012-0158 20150408
Emsisoft Exploit.CVE-2014-1761.B (B) 20150407
F-Secure Exploit.CVE-2014-1761.B 20150408
GData Exploit.CVE-2014-1761.B 20150408
Ikarus Trojan.Exploit 20150408
Jiangmin Exploit.CVE-2012-0158.c 20150406
NANO-Antivirus Exploit.Rtf.Heuristic-rtf.dinbqn 20150408
nProtect Exploit.CVE-2014-1761.B 20150407
Qihoo-360 virus.exp.20122539 20150408
Sophos Troj/20141761-F 20150408
TrendMicro HEUR_RTFEXP.A 20150408
TrendMicro-HouseCall Suspicious_GEN.F47V0406 20150408
VIPRE Exploit.RTF.CVE-2014-1761.a (v) 20150408
AegisLab 20150408
Yandex 20150407
Alibaba 20150408
Antiy-AVL 20150407
Avast 20150408
Avira (no cloud) 20150408
Baidu-International 20150407
Bkav 20150407
ByteHero 20150408
ClamAV 20150408
CMC 20150407
Comodo 20150408
Cyren 20150408
ESET-NOD32 20150408
F-Prot 20150408
Fortinet 20150408
K7AntiVirus 20150407
K7GW 20150407
Kaspersky 20150408
Kingsoft 20150408
Malwarebytes 20150408
McAfee 20150408
McAfee-GW-Edition 20150408
Microsoft 20150408
Norman 20150407
Panda 20150407
Rising 20150406
SUPERAntiSpyware 20150408
Symantec 20150408
Tencent 20150408
TheHacker 20150408
TotalDefense 20150407
VBA32 20150407
ViRobot 20150408
Zillya 20150407
Zoner 20150407
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters
29155
Embedded drawings
0
Rtf header
rtf1
Read only protection
False
User protection
False
Default character set
ANSI (default)
Custom xml data properties
0
Dos stubs
0
Objects
OLE control
Embedded pictures
0
Longest hex string
6587
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

Warning
Unspecified RTF encoding. Will assume Latin

FileTypeExtension
rtf

File identification
MD5 6374de06a61cc5077cb2d930d5beb231
SHA1 905580b4aadcb22d78364063d8e5de318fbc8069
SHA256 b30fd5d4f9cddb11197168775824198e67779d3f4b9b9c62ca18ae09e4bc6454
ssdeep
768:HFw+/ymPu+nS+YMyvsOdRdrpDVHftZGPkVUGwm31+1vZnKuYHx+CTgNEwsN9TX8v:ygu+nS+OLpDVHPYgUJ2Ec/xgdUTo1/X

File size 76.7 KB ( 78538 bytes )
File type Rich Text Format
Magic literal
Rich Text Format data, version 1, unknown character set

TrID Rich Text Format (100.0%)
Tags
cve-2012-0158 ole-control exploit rtf cve-2014-1761

VirusTotal metadata
First submission 2015-04-06 15:14:29 UTC ( 2 years ago )
Last submission 2016-01-03 02:06:47 UTC ( 1 year, 3 months ago )
File names 64855431
6374de06a61cc5077cb2d930d5beb231.doc
Invoice.doc
VirusShare_6374de06a61cc5077cb2d930d5beb231
output.64855431.txt
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

Warning
Unspecified RTF encoding. Will assume Latin

FileTypeExtension
rtf

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!