× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b510684253a4142aec0a3cf8f8bd13b551408917ac98cce6bde1a480ebc56532
File name: e9d2f121-73d5-409e-b24d-6341af73e510
Detection ratio: 5 / 61
Analysis date: 2017-10-31 09:40:10 UTC ( 1 year, 4 months ago ) View latest
Antivirus Result Update
Fortinet LNK/Agent.AG!tr.dldr 20171031
Kaspersky HEUR:Trojan.WinLNK.Agent.gen 20171031
Sophos AV Mal/DownLnk-D 20171031
ZoneAlarm by Check Point HEUR:Trojan.WinLNK.Agent.gen 20171031
Zoner LNKScript 20171031
Ad-Aware 20171031
AegisLab 20171031
AhnLab-V3 20171031
Alibaba 20170911
ALYac 20171031
Antiy-AVL 20171031
Arcabit 20171031
Avast 20171031
Avast-Mobile 20171031
AVG 20171031
Avira (no cloud) 20171031
AVware 20171031
Baidu 20171031
BitDefender 20171031
Bkav 20171030
CAT-QuickHeal 20171031
ClamAV 20171031
CMC 20171030
Comodo 20171031
CrowdStrike Falcon (ML) 20171016
Cybereason None
Cylance 20171031
Cyren 20171031
DrWeb 20171031
eGambit 20171031
Emsisoft 20171031
Endgame 20171024
ESET-NOD32 20171031
F-Prot 20171031
F-Secure 20171031
GData 20171031
Ikarus 20171031
Sophos ML 20170914
Jiangmin 20171031
K7AntiVirus 20171031
K7GW 20171031
Kingsoft 20171031
Malwarebytes 20171031
MAX 20171031
McAfee 20171031
McAfee-GW-Edition 20171031
Microsoft 20171031
eScan 20171031
NANO-Antivirus 20171031
nProtect 20171031
Palo Alto Networks (Known Signatures) 20171031
Panda 20171030
Qihoo-360 20171031
Rising 20171031
SentinelOne (Static ML) 20171019
SUPERAntiSpyware 20171031
Symantec 20171031
Symantec Mobile Insight 20171027
Tencent 20171031
TheHacker 20171028
TotalDefense 20171031
TrendMicro 20171031
TrendMicro-HouseCall 20171031
Trustlook 20171031
VBA32 20171030
VIPRE 20171031
ViRobot 20171031
Webroot 20171031
WhiteArmor 20171024
Yandex 20171030
Zillya 20171030
The file being studied follows the Open XML file format! More specifically, it is a Office Open XML Document file.
Content types
bin
rels
emf
png
xml
Package relationships
word/document.xml
docProps/app.xml
docProps/core.xml
Core document properties
dc:creator
alex
cp:lastModifiedBy
1
cp:revision
2
dcterms:created
2017-10-31T09:02:00Z
dcterms:modified
2017-10-31T09:02:00Z
Application document properties
Template
Normal.dotm
TotalTime
0
Pages
1
Words
3
Characters
19
Application
Microsoft Office Word
DocSecurity
0
Lines
1
Paragraphs
1
ScaleCrop
false
vt:lpstr
\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435
vt:i4
1
LinksUpToDate
false
CharactersWithSpaces
21
SharedDoc
false
HyperlinksChanged
false
AppVersion
16.0000
Document languages
Language
Prevalence
ru-ru
3
en-us
1
ar-sa
1
ExifTool file metadata
SharedDoc
No

HyperlinksChanged
No

LinksUpToDate
No

LastModifiedBy
1

HeadingPairs
, 1

ZipFileName
[Content_Types].xml

Template
Normal.dotm

ZipRequiredVersion
20

ModifyDate
2017:10:31 09:02:00Z

ZipCRC
0x1fcfe670

Words
3

ScaleCrop
No

RevisionNumber
2

MIMEType
application/vnd.openxmlformats-officedocument.wordprocessingml.document

ZipBitFlag
0x0006

CreateDate
2017:10:31 09:02:00Z

Lines
1

AppVersion
16.0

ZipUncompressedSize
1510

ZipCompressedSize
380

Characters
19

CharactersWithSpaces
21

DocSecurity
None

ZipModifyDate
1980:01:01 00:00:00

FileType
DOCX

Application
Microsoft Office Word

TotalEditTime
0

ZipCompression
Deflated

Pages
1

Creator
alex

FileTypeExtension
docx

Paragraphs
1

The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
14
Uncompressed size
174570
Highest datetime
1980-01-01 00:00:00
Lowest datetime
1980-01-01 00:00:00
Contained files by extension
xml
9
bin
1
emf
1
png
1
Contained files by type
XML
11
unknown
1
Microsoft Office
1
PNG
1
File identification
MD5 1f45684205320d37350ca524ebbfa5b5
SHA1 adb8654b2af4a4d732d18c5ee3c2089538e60198
SHA256 b510684253a4142aec0a3cf8f8bd13b551408917ac98cce6bde1a480ebc56532
ssdeep
3072:9PgvkTRDtieqb3YLk5Qj+ybcQGJoRDYk+HPRl:Viy4dbIZ+8cQlRpKJl

File size 126.4 KB ( 129386 bytes )
File type Office Open XML Document
Magic literal
Zip archive data, at least v2.0 to extract

TrID Word Microsoft Office Open XML Format document (51.0%)
Open Packaging Conventions container (38.0%)
ZIP compressed archive (8.6%)
PrintFox/Pagefox bitmap (var. P) (2.1%)
Tags
docx cve-2017-8464 attachment exploit

VirusTotal metadata
First submission 2017-10-31 09:40:10 UTC ( 1 year, 4 months ago )
Last submission 2018-10-23 23:39:15 UTC ( 5 months ago )
File names POP3-740d85c4_15f4dcfe52e_-7c1a.doc
e9d2f121-73d5-409e-b24d-6341af73e510
Invoice INV0000961.doc
Invoice INV0000528.doc
Invoice INV0000032.doc
Invoice INV0000808.doc
InvoiceINV0000541_69C7B3AD-6488-168F-531A-5D120DCCEE13.doc
Invoice INV0000351.doc
Invoice INV0000388.doc
Invoice INV0000901.doc
Invoice INV0000124.doc
Invoice INV0000253.doc
Invoice INV0000815.doc
Invoice INV0000023.doc
Invoice INV0000089.doc
Invoice INV0000182.doc
Invoice INV0000914.doc
Invoice INV0000643.doc
0459ea2d40dc50b85e19f293761ce3c371f4a621
Invoice INV0000334.doc
Invoice INV0000286.doc
Invoice INV0000030.doc
Invoice INV0000885.doc
Invoice INV0000640.doc
Invoice INV0000500.doc
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!