× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: be3852eea1c2de1a9dd6dbbd6de9fe8330413989211f2e466b2b1c4d4c87a02b
File name: derek_scan.doc
Detection ratio: 0 / 60
Analysis date: 2017-12-01 06:23:31 UTC ( 1 year, 1 month ago ) View latest
Antivirus Result Update
Ad-Aware 20171201
AegisLab 20171201
AhnLab-V3 20171130
Alibaba 20171201
ALYac 20171201
Antiy-AVL 20171201
Arcabit 20171201
Avast 20171201
Avast-Mobile 20171130
AVG 20171201
Avira (no cloud) 20171201
AVware 20171201
Baidu 20171201
BitDefender 20171201
Bkav 20171129
CAT-QuickHeal 20171130
ClamAV 20171201
CMC 20171201
Comodo 20171201
CrowdStrike Falcon (ML) 20171016
Cybereason None
Cylance 20171201
Cyren 20171201
DrWeb 20171201
eGambit 20171201
Emsisoft 20171201
Endgame 20171130
ESET-NOD32 20171201
F-Prot 20171201
F-Secure 20171201
Fortinet 20171201
GData 20171201
Ikarus 20171130
Sophos ML 20170914
Jiangmin 20171201
K7AntiVirus 20171201
K7GW 20171201
Kaspersky 20171201
Kingsoft 20171201
Malwarebytes 20171201
MAX 20171201
McAfee 20171201
McAfee-GW-Edition 20171201
Microsoft 20171201
eScan 20171201
NANO-Antivirus 20171201
nProtect 20171201
Palo Alto Networks (Known Signatures) 20171201
Panda 20171130
Qihoo-360 20171201
Rising 20171201
SentinelOne (Static ML) 20171113
Sophos AV 20171201
SUPERAntiSpyware 20171130
Symantec 20171201
Symantec Mobile Insight 20171130
Tencent 20171201
TheHacker 20171130
TotalDefense 20171201
TrendMicro 20171201
TrendMicro-HouseCall 20171201
Trustlook 20171201
VBA32 20171130
VIPRE 20171201
ViRobot 20171201
Webroot 20171201
WhiteArmor 20171104
Yandex 20171120
Zillya 20171129
ZoneAlarm by Check Point 20171201
Zoner 20171201
The file being studied follows the Compound Document File format! More specifically, it is a MS Word Document file.
OLE Streams
name
Root Entry
clsid
type_literal
root
clsid_literal
on
sid
0
size
832
type_literal
stream
sid
5
name
\x06DataSpaces/DataSpaceInfo/StrongEncryptionDataSpace
size
64
type_literal
stream
sid
3
name
\x06DataSpaces/DataSpaceMap
size
112
type_literal
stream
sid
8
name
\x06DataSpaces/TransformInfo/StrongEncryptionTransform/\x06Primary
size
200
type_literal
stream
sid
2
name
\x06DataSpaces/Version
size
76
type_literal
stream
sid
10
name
EncryptedPackage
size
22760
type_literal
stream
sid
9
name
EncryptionInfo
size
224
ExifTool file metadata
MIMEType
image/vnd.fpx

FileType
FPX

FileTypeExtension
fpx

File identification
MD5 3879685f7afa7f7098d57c67a350fddd
SHA1 e01a3f4b6d321b9db9a7853359139916c6a508b4
SHA256 be3852eea1c2de1a9dd6dbbd6de9fe8330413989211f2e466b2b1c4d4c87a02b
ssdeep
384:HkE3H5icRsGESAHaKAE1jaWb1k8ypzOpoWYr7QGsEVxXNypMSwFr1qlF8tehwfRu:Hkw5fRdKAEIWb1PKUtYweVOpMSBt0g

File size 26.5 KB ( 27136 bytes )
File type MS Word Document
Magic literal
CDF V2 Document, corrupt: Cannot read summary info

TrID Generic OLE2 / Multistream Compound File (100.0%)
Tags
doc

VirusTotal metadata
First submission 2017-12-01 06:23:31 UTC ( 1 year, 1 month ago )
Last submission 2017-12-05 18:03:27 UTC ( 1 year, 1 month ago )
File names derek_scan.doc
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!