SHA256: cb5760877a43e6fccd3961cdb4aaef158f046cd2d245fba58747575e34a719f8
File name: dttcodexgigas.0a163f071b05e0dd4859fb255b8f1506fb3cc153
Detection ratio: 22 / 58
Analysis date: 2019-02-09 11:33:23 UTC ( 3 months, 1 week ago )
Antivirus Result Update
Ad-Aware Trojan.Downloader.DDE.Gen.2 20190209
ALYac Trojan.Downloader.DDE.Gen.2 20190209
Arcabit Trojan.Downloader.DDE.Gen.2 20190208
Avast Other:Malware-gen [Trj] 20190209
AVG Other:Malware-gen [Trj] 20190209
Avira (no cloud) X2000M/Dldr.DdeExec.bkdwv 20190209
BitDefender Trojan.Downloader.DDE.Gen.2 20190209
Comodo Malware@#32yckrycr45wj 20190209
Cyren RTF/Trojan.PRXE-1 20190209
Emsisoft Trojan.Downloader.DDE.Gen.2 (B) 20190209
F-Secure Malware.X2000M/Dldr.DdeExec.bkdwv 20190209
GData Trojan.Downloader.DDE.Gen.2 (2x) 20190209
Ikarus Trojan.Downloader 20190209
Kaspersky HEUR:Trojan-Downloader.MSOffice.DdeExec.i 20190209
MAX malware (ai score=84) 20190209
McAfee-GW-Edition BehavesLike.Trojan.dx 20190209
eScan Trojan.Downloader.DDE.Gen.2 20190209
Qihoo-360 susp.rtf.objupdate.gen 20190209
Symantec Trojan.Gen.NPE 20190209
Tencent Hta.Trojan.Raas.Auto 20190209
TrendMicro Possible_SMBCVE20170199 20190209
ZoneAlarm by Check Point HEUR:Trojan-Downloader.MSOffice.DdeExec.i 20190209
Acronis 20190208
AegisLab 20190209
AhnLab-V3 20190209
Alibaba 20180921
Antiy-AVL 20190209
Avast-Mobile 20190209
Babable 20180918
Baidu 20190202
Bkav 20190201
CAT-QuickHeal 20190208
ClamAV 20190209
CMC 20190209
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190209
DrWeb 20190209
eGambit 20190209
Endgame 20181108
ESET-NOD32 20190209
F-Prot 20190209
Fortinet 20190209
Sophos ML 20181128
Jiangmin 20190209
K7AntiVirus 20190208
K7GW 20190209
Kingsoft 20190209
Malwarebytes 20190209
McAfee 20190209
Microsoft 20190209
NANO-Antivirus 20190209
Palo Alto Networks (Known Signatures) 20190209
Panda 20190209
Rising 20190209
SentinelOne (Static ML) 20190203
Sophos AV 20190209
SUPERAntiSpyware 20190206
Symantec Mobile Insight 20190207
TACHYON 20190209
TheHacker 20190203
TotalDefense 20190206
Trapmine 20190123
TrendMicro-HouseCall 20190209
Trustlook 20190209
VBA32 20190208
VIPRE 20190207
ViRobot 20190208
Webroot 20190209
Yandex 20190208
Zillya 20190208
Zoner 20190209
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters: 0
Embedded drawings: 0
Rtf header: rtf1
Default ansi codepage: Western European
Generator: Riched20 10.0.15063
Read only protection: False
User protection: False
Default character set: ANSI
Custom xml data properties: 0
Dos stubs: 0
Objects:
OLE embedded (Word.Document.12)
OLE embedded (Word.Document.12)
OLE embedded (Word.Document.12)
OLE embedded (Word.Document.12)
OLE embedded (Word.Document.12)
Embedded pictures: 5
Longest hex string: 49820
Default languages: English - United States
ExifTool file metadata
MIMEType: text/rtf
FileType: RTF
FileTypeExtension: rtf
File identification
MD5 1791242a43764b12072ff92460694c16
SHA1 0a163f071b05e0dd4859fb255b8f1506fb3cc153
SHA256 cb5760877a43e6fccd3961cdb4aaef158f046cd2d245fba58747575e34a719f8
ssdeep
768:iPTKADNXfuRI3g2XuZPTKADNXfuRI3g2XuPPTKADNXfuRI3g2XupPTKADNXfuRI+:S1GRmeJ1GRmeH1GRme51GRmeG1GRmen

File size 250.6 KB ( 256588 bytes )
File type Rich Text Format
Magic literal: Rich Text Format data, version 1, ANSI
TrID Rich Text Format (100.0%)
Tags: ole-embedded exploit rtf cve-2017-0199
VirusTotal metadata
First submission 2019-01-20 22:29:36 UTC ( 3 months, 4 weeks ago )
Last submission 2019-04-18 08:36:40 UTC ( 1 month ago )
File names 73cceb_dfa7257140bd472fbbff5576442f7b23.doc
3.doc
output.124279774.txt
output.124184250.txt
dttcodexgigas.0a163f071b05e0dd4859fb255b8f1506fb3cc153