× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ba70d0fea452de754f45deac1b0a592300a1701538c72a5a2a6da4488adebd0f
File name: Purchase-Order.doc
Detection ratio: 28 / 60
Analysis date: 2018-06-24 03:19:51 UTC ( 7 months, 4 weeks ago ) View latest
Antivirus Result Update
AhnLab-V3 OLE/Cve-2017-11882.Gen 20180623
Arcabit Exploit.RTF-OLE.Gen 20180624
Avast Win32:ShellCode [Expl] 20180624
AVG Win32:ShellCode [Expl] 20180624
Avira (no cloud) EXP/CVE-2017-11882.Gen 20180623
Baidu Win32.Exploit.Agent.an 20180622
BitDefender Exploit.RTF-OLE.Gen 20180624
Cyren CVE-2017-11882.E.gen!Camelot 20180624
Emsisoft Exploit.RTF-OLE.Gen (B) 20180624
ESET-NOD32 probably a variant of Win32/Exploit.CVE-2017-11882.B 20180624
F-Secure Exploit:W97M/CVE-2017-0199.B 20180622
Fortinet MSOffice/CVE_2017_11882.B!exploit 20180624
GData Exploit.RTF-OLE.Gen 20180624
Ikarus Exploit.CVE-2017-11882 20180623
Kaspersky HEUR:Exploit.MSOffice.Generic 20180623
MAX malware (ai score=82) 20180624
McAfee Exploit-CVE2017-0199.bi 20180624
McAfee-GW-Edition Exploit-CVE2017-0199.bi 20180624
Microsoft Exploit:O97M/CVE-2017-11882.C 20180624
eScan Exploit.RTF-OLE.Gen 20180624
NANO-Antivirus Exploit.Rtf.Heuristic-rtf.dinbqn 20180624
Qihoo-360 virus.exp.21711882.d 20180624
Sophos AV Exp/20180802-B 20180624
Symantec Exp.CVE-2017-11882!g2 20180623
TrendMicro TROJ_CVE20170199.SMA 20180624
TrendMicro-HouseCall TROJ_CVE20170199.SMA 20180624
ZoneAlarm by Check Point HEUR:Exploit.MSOffice.Generic 20180624
Zoner Probably RTFShellCode 20180623
Ad-Aware 20180624
AegisLab 20180622
Alibaba 20180622
ALYac 20180624
Antiy-AVL 20180624
Avast-Mobile 20180623
AVware 20180624
Babable 20180406
Bkav 20180623
CAT-QuickHeal 20180623
ClamAV 20180623
CMC 20180623
Comodo 20180623
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
Cylance 20180624
DrWeb 20180624
eGambit 20180624
Endgame 20180612
F-Prot 20180624
Sophos ML 20180601
Jiangmin 20180623
K7AntiVirus 20180623
K7GW 20180623
Kingsoft 20180624
Malwarebytes 20180623
Palo Alto Networks (Known Signatures) 20180624
Panda 20180623
Rising 20180624
SentinelOne (Static ML) 20180618
SUPERAntiSpyware 20180623
Symantec Mobile Insight 20180619
TACHYON 20180624
Tencent 20180624
TheHacker 20180622
Trustlook 20180624
VBA32 20180622
VIPRE 20180624
ViRobot 20180623
Webroot 20180624
Yandex 20180622
Zillya 20180622
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters
0
Embedded drawings
0
Rtf header
rtf
Read only protection
False
User protection
False
Default character set
ANSI (default)
Custom xml data properties
0
Dos stubs
0
Objects
OLE link
Embedded pictures
0
Longest hex string
8312
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

Warning
Unspecified RTF encoding. Will assume Latin

FileTypeExtension
rtf

File identification
MD5 2fdfbbcf5da065ddb39f505040d13b26
SHA1 75cdee798ccea39a6fa57a1b0cf398129e49c451
SHA256 ba70d0fea452de754f45deac1b0a592300a1701538c72a5a2a6da4488adebd0f
ssdeep
96:Q+BaCvcrMQjEopu/RnsF1KQG2ud0PC9hLdYiXvd1rDqsyv:QGhGMgEseF5dd0SikF1g

File size 8.2 KB ( 8376 bytes )
File type Rich Text Format
Magic literal
Rich Text Format data, unknown version

TrID Rich Text Format (100.0%)
Tags
rtf exploit ole-link cve-2017-11882 cve-2017-0199

VirusTotal metadata
First submission 2018-06-24 03:19:51 UTC ( 7 months, 4 weeks ago )
Last submission 2018-06-24 03:19:51 UTC ( 7 months, 4 weeks ago )
File names Purchase-Order.doc
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

Warning
Unspecified RTF encoding. Will assume Latin

FileTypeExtension
rtf

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!