SHA256: cbd902794b77d5e06cc9fa5b0a961761e288ac015b9a97a9a5cd4f058ba9964d
File name: cbd902794b77d5e06cc9fa5b0a961761e288ac015b9a97a9a5cd4f058ba9964d....
Detection ratio: 25 / 58
Analysis date: 2019-01-05 17:39:54 UTC ( 4 months, 1 week ago )
Antivirus Result Update
AegisLab Hacktool.MSOffice.Generic.3!c 20190105
AhnLab-V3 XML/Dloader.S8 20190105
Arcabit Exploit.CVE-2017-0199.Gen 20190105
Avira (no cloud) EXP/W97M.Agent.agdti 20190105
Baidu Win32.Exploit.CVE-2017-0199.m 20190104
BitDefender Exploit.CVE-2017-0199.Gen 20190105
Cyren DOCX/CVE-2017-0199!Camelot 20190105
DrWeb Exploit.CVE-2017-0199.19 20190105
Emsisoft Exploit.CVE-2017-0199.Gen (B) 20190105
GData Exploit.CVE-2017-0199.Gen 20190105
Ikarus Exploit.CVE-2017-0199 20190105
Kaspersky HEUR:Exploit.MSOffice.Generic 20190105
MAX malware (ai score=87) 20190105
McAfee Exploit-CVE2017-8759.y 20190105
McAfee-GW-Edition Exploit-CVE2017-8759.y 20190105
eScan Exploit.CVE-2017-0199.Gen 20190105
NANO-Antivirus Exploit.Xml.CVE-2017-0199.equmby 20190105
Qihoo-360 susp.exp.20170199 20190105
SentinelOne (Static ML) static engine - malicious 20181223
Sophos AV Troj/20170199-P 20190105
Symantec Trojan.Gen.NPE 20190104
Tencent Office.Exploit.Generic.Hquw 20190105
TrendMicro Trojan.W97M.CVE20170199.SMD 20190105
TrendMicro-HouseCall Trojan.W97M.CVE20170199.SMD 20190105
ZoneAlarm by Check Point HEUR:Exploit.MSOffice.Generic 20190105
Acronis 20181227
Ad-Aware 20190105
Alibaba 20180921
ALYac 20190105
Antiy-AVL 20190105
Avast 20190105
Avast-Mobile 20190105
AVG 20190105
Babable 20180918
Bkav 20190104
CAT-QuickHeal 20190105
ClamAV 20190105
CMC 20190104
Comodo 20190105
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
Cylance 20190105
eGambit 20190105
Endgame 20181108
ESET-NOD32 20190105
F-Prot 20190105
F-Secure 20190105
Fortinet 20190105
Sophos ML 20181128
Jiangmin 20190105
K7AntiVirus 20190105
K7GW 20190105
Kingsoft 20190105
Malwarebytes 20190105
Microsoft 20190105
Palo Alto Networks (Known Signatures) 20190105
Panda 20190105
Rising 20190105
SUPERAntiSpyware 20190102
TACHYON 20190105
TheHacker 20190104
Trapmine 20190103
VBA32 20190104
ViRobot 20190105
Webroot 20190105
Yandex 20181229
Zillya 20190105
Zoner 20190105
The file being studied follows the Open XML file format! More specifically, it is an Office Open XML Document file.
Content types
rels
xml
Package relationships
word/document.xml
docProps/app.xml
docProps/core.xml
http://randominterest.com/sysgen/burn.doc
Core document properties
dc:creator
Microsoft
cp:lastModifiedBy
Microsoft
cp:revision
1
dcterms:created
2017-09-24T17:26:00Z
dcterms:modified
2017-09-24T17:27:00Z
Application document properties
Template
dotm.dotm
TotalTime
1
Pages
1
Words
1
Characters
7
Application
Microsoft Office Word
DocSecurity
0
Lines
1
Paragraphs
1
ScaleCrop
false
vt:lpstr
Название
vt:i4
1
Company
SPecialiST RePack
LinksUpToDate
false
CharactersWithSpaces
7
SharedDoc
false
HyperlinksChanged
false
AppVersion
14.0000
Document languages
Language
Prevalence
ru-ru
2
en-us
2
ar-sa
1
ExifTool file metadata
SharedDoc
No

HyperlinksChanged
No

LinksUpToDate
No

LastModifiedBy
Microsoft

Application
Microsoft Office Word

ZipFileName
[Content_Types].xml

Template
dotm.dotm

CreateDate
2017:09:24 17:26:00Z

ZipRequiredVersion
20

ModifyDate
2017:09:24 17:27:00Z

ZipCRC
0x82872409

Company
SPecialiST RePack

Words
1

ScaleCrop
No

RevisionNumber
1

MIMEType
application/vnd.openxmlformats-officedocument.wordprocessingml.document

ZipBitFlag
0x0002

FileType
DOCX

Lines
1

AppVersion
14.0

ZipUncompressedSize
1422

ZipCompressedSize
358

Characters
7

CharactersWithSpaces
7

DocSecurity
None

ZipModifyDate
2019:01:04 16:07:16

HeadingPairs
, 1

TotalEditTime
1 minute

ZipCompression
Deflated

Pages
1

Creator
Microsoft

FileTypeExtension
docx

Paragraphs
1

The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
12
Uncompressed size
6818568
Highest datetime
2019-01-04 16:07:16
Lowest datetime
2019-01-04 16:07:16
Contained files by extension
xml
10
Contained files by type
XML
11
unknown
1
File identification
MD5 93361d827ada36d2be30a0199fcd01ca
SHA1 77344b4e6dd844035a4e36be7ba7e0523e6a0174
SHA256 cbd902794b77d5e06cc9fa5b0a961761e288ac015b9a97a9a5cd4f058ba9964d
ssdeep
192:z/51/NYagSM5LyMtWNG9+J0mqQTnhr5O+TQT1QTLP55aTv3bFTB8GoA6aYXkWSm4:TX/9M9yMtiuoLOUQT1QfD+Jd8omYZ

File size 16.3 KB ( 16685 bytes )
File type Office Open XML Document
Magic literal
Zip archive data, at least v2.0 to extract

TrID Word Microsoft Office Open XML Format document (51.0%)
Open Packaging Conventions container (38.0%)
ZIP compressed archive (8.6%)
PrintFox/Pagefox bitmap (var. P) (2.1%)
Tags
cve-2017-8759 docx exploit cve-2017-0199

VirusTotal metadata
First submission 2019-01-04 18:02:53 UTC ( 4 months, 2 weeks ago )
Last submission 2019-01-05 17:39:54 UTC ( 4 months, 1 week ago )
File names burns.docx
cbd902794b77d5e06cc9fa5b0a961761e288ac015b9a97a9a5cd4f058ba9964d.bin(0)
zbetcheckin_tracker_burns.docx