× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: c166aff46cadce2db642047cdca65234c32c6634d9ed822eeeb2a911178d6cc3
File name: vti-rescan
Detection ratio: 14 / 50
Analysis date: 2014-02-05 21:15:01 UTC ( 2 months, 2 weeks ago )
Antivirus Result Update
AntiVir EXP/SWF.CZ.2 20140205
Antiy-AVL Exploit/SWF.CVE-2013-0633 20140205
Avast SWF:CVE-2012-5054-A [Expl] 20140205
Comodo UnclassifiedMalware 20140205
DrWeb Exploit.SWF.232 20140205
F-Secure Exploit:SWF/CVE-2012-5054.A 20140205
GData Win32.Trojan.Agent.0QV9B0 20140205
Kaspersky HEUR:Exploit.SWF.Agent.gen 20140205
McAfee Generic Exploit.f 20140205
McAfee-GW-Edition Generic Exploit.f 20140205
NANO-Antivirus Exploit.Swf.Agent.cdmiaa 20140205
Symantec Trojan.Mdropper 20140205
TrendMicro TROJ_MDROP.USR 20140205
VIPRE LooksLike.SWF.Malware.b (v) 20140205
AVG 20140205
Ad-Aware 20140205
Agnitum 20140204
AhnLab-V3 20140205
Baidu-International 20140205
BitDefender 20140205
Bkav 20140125
ByteHero 20140205
CAT-QuickHeal 20140205
CMC 20140122
ClamAV 20140205
Commtouch 20140205
ESET-NOD32 20140205
Emsisoft 20140205
F-Prot 20140205
Fortinet 20140205
Ikarus 20140205
Jiangmin 20140205
K7AntiVirus 20140205
K7GW 20140205
Kingsoft 20140205
Malwarebytes 20140205
MicroWorld-eScan 20140205
Microsoft 20140205
Norman 20140205
Panda 20140205
Qihoo-360 20140205
Rising 20140205
SUPERAntiSpyware 20140205
Sophos 20140205
TheHacker 20140205
TotalDefense 20140205
TrendMicro-HouseCall 20140205
VBA32 20140205
ViRobot 20140205
nProtect 20140205
The file being studied is a Microsoft Office document! More specifically, it is a MS Word Document file.
Summary
last_author
1785429
creation_datetime
2012-05-15 11:39:00
author
.......
title
page_count
1
last_saved
2012-05-15 11:39:00
word_count
7
revision_number
2
application_name
Microsoft Office Word
character_count
41
code_page
Latin I
template
Normal.dot
Document summary
line_count
1
company
Leibniz
characters_with_spaces
47
version
730895
paragraph_count
1
code_page
Latin I
OLE Streams
kids
\\x01CompObj, \\x05DocumentSummaryInformation, \\x05SummaryInformation, 1Table, Data, ObjectPool, WordDocument
name
Root Entry
clsid
00020906-0000-0000-c000-000000000046
type_literal
root
clsid_literal
MS Word
size
3840
type_literal
stream
md5
bd0b5598f662d3ad011fd7038a13d340
entropy
0.569970384176
name
Data
size
4096
type_literal
stream
md5
4bf87afe6766a0715447f21df25f8085
entropy
1.1936491262
name
WordDocument
size
4146
type_literal
storage
kids
_1398590705
name
ObjectPool
size
0
kids
\\x01CompObj, \\x01Ole, \\x02OlePres000, \\x03OCXNAME, \\x03ObjInfo, contents
name
_1398590705
clsid
d27cdb6e-ae6d-11cf-96b8-444553540000
type_literal
storage
clsid_literal
Adobe Flash
size
0
type_literal
stream
md5
f7c201a6e922343bee3a9b636efddbaf
entropy
4.1482786175
name
\\x01CompObj
size
145
type_literal
stream
md5
16b772118f1e411b882ac3e486a2286c
entropy
2.1297244041
name
1Table
size
2336
type_literal
stream
md5
3afb74090bc84a63921d6be95babde57
entropy
3.20630686399
name
\\x05SummaryInformation
size
412
type_literal
stream
md5
8a6d92aeefa1eaa29c8829866a9b4586
entropy
2.66386891138
name
\\x05DocumentSummaryInformation
size
284
type_literal
stream
md5
f7c201a6e922343bee3a9b636efddbaf
entropy
4.1482786175
name
\\x01CompObj
size
113
ExifTool file metadata
SharedDoc
No

Author
.......

CodePage
Windows Latin 1 (Western European)

LinksUpToDate
No

LastModifiedBy
1785429

HeadingPairs
Title, 1

Template
Normal.dot

CharCountWithSpaces
47

CreateDate
2012:05:15 10:39:00

CompObjUserType
Microsoft Office Word Document

ModifyDate
2012:05:15 10:39:00

Company
Leibniz

HyperlinksChanged
No

Characters
41

ScaleCrop
No

RevisionNumber
2

MIMEType
application/msword

Words
7

FileType
DOC

Lines
1

AppVersion
11.9999

FileAccessDate
2014:02:05 22:15:06+01:00

Security
None

FileCreateDate
2014:02:05 22:15:06+01:00

Software
Microsoft Office Word

TotalEditTime
0

Pages
1

CompObjUserTypeLen
31

Paragraphs
1

File identification
MD5 98e350a8a6c443c72fa6db1fbc0b79ad
SHA1 07f5d6032c3fb1b834f10689efdf3327f0909c3f
SHA256 c166aff46cadce2db642047cdca65234c32c6634d9ed822eeeb2a911178d6cc3
ssdeep
192:Zvy2FjEyitZwosXGGluLqCU2w5ZuiMCMhOrDPjTF7L90txhLip:lHytZhmGGluLc2q5Djh7CtXL

File size 32.0 KB ( 32768 bytes )
File type MS Word Document
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1252, Title: , Author: ......., Template: Normal.dot, Last Saved By: 1785429, Revision Number: 2, Name of Creating Application: Microsoft Office Word, Create Time/Date: Mon May 14 10:39:00 2012, Last Saved Time/Date: Mon May 14 10:39:00 2012, Number of Pages: 1, Number of Words: 7, Number of Characters: 41, Security: 0

TrID Microsoft Word document (80.0%)
Generic OLE2 / Multistream Compound File (20.0%)
Tags
doc exploit cve-2012-4167 cve-2012-5054 cve-2013-0633

VirusTotal metadata
First submission 2012-09-10 07:44:43 UTC ( 1 year, 7 months ago )
Last submission 2014-02-05 21:15:01 UTC ( 2 months, 2 weeks ago )
File names vti-rescan
file-4486633_doc
رسالة الكوفحي.doc
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!