× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ccf7fed174dc9864c810d1c53b1ba7dfedede41cc9fd2ec82d85ec865ca67db8
File name: invoiceU6GCMXGLL2O0N7QYDZ.doc
Detection ratio: 33 / 50
Analysis date: 2014-03-06 09:16:05 UTC ( 1 month, 2 weeks ago )
Antivirus Result Update
AVG Exploit_c.YWQ 20140305
Ad-Aware Exploit.CVE-2012-0158.Gen 20140306
AhnLab-V3 RTF/Cve-2012-0158 20140305
AntiVir EXP/CVE-2012-0158.AQ.1 20140306
Avast RTF:Obfuscated-gen [Trj] 20140306
BitDefender Exploit.CVE-2012-0158.Gen 20140306
Bkav MW.Clod531.Trojan.b5ea 20140305
CAT-QuickHeal Rtf.Heur.Gen 20140306
ClamAV RTF.Exploit.CVE_2012_0158-4 20140305
Commtouch CVE120158 20140306
Comodo UnclassifiedMalware 20140306
ESET-NOD32 Win32/Exploit.CVE-2012-0158.EI 20140306
Emsisoft Exploit.CVE-2012-0158.Gen (B) 20140306
F-Prot CVE120158 20140306
F-Secure Exploit:W32/CVE-2012-0158.D 20140306
Fortinet W32/CVE_2012_0158.AQ!exploit 20140306
GData Exploit.CVE-2012-0158.Gen 20140306
Ikarus Trojan.PDF 20140306
K7AntiVirus Exploit ( 2913ad9d0 ) 20140305
Kaspersky Exploit.Win32.CVE-2012-0158.aq 20140306
McAfee Exploit-CVE2012-0158 20140306
McAfee-GW-Edition Exploit-CVE2012-0158 20140306
MicroWorld-eScan Exploit.CVE-2012-0158.Gen 20140306
Microsoft Exploit:Win32/CVE-2012-0158 20140306
Norman CVE-2012-0158.AN 20140306
Qihoo-360 Trojan.Generic 20140306
Sophos Troj/DocDrop-BI 20140306
Symantec Trojan.Mdropper 20140306
TrendMicro TROJ_MDROP.ABA 20140306
TrendMicro-HouseCall TROJ_MDROP.ABA 20140306
VIPRE Exploit.RTF.CVE-2012-0158 (v) 20140306
ViRobot Trojan.Win32.A.EX-CVE-2012-0158.277699 20140306
nProtect Exploit.CVE-2012-0158.Gen 20140305
Agnitum 20140305
Antiy-AVL 20140306
Baidu-International 20140306
ByteHero 20140306
CMC 20140228
DrWeb 20140306
Jiangmin 20140306
K7GW 20140305
Kingsoft 20140306
Malwarebytes 20140306
NANO-Antivirus 20140306
Panda 20140305
Rising 20140305
SUPERAntiSpyware 20140306
TheHacker 20140305
TotalDefense 20140306
VBA32 20140305
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters
0
Embedded drawings
0
Rtf header
rtA1
Default ansi codepage
Cyrillic
Generator
Msftedit 5.41.21.2510
Read only protection
False
User protection
False
Default character set
ANSI
Custom xml data properties
0
Dos stubs
0
Objects
OLE embedded (Package)
OLE control (Package)
Embedded pictures
0
Longest hex string
259520
Default languages
Russian
ExifTool file metadata
FileAccessDate
2014:03:06 10:17:21+01:00

FileCreateDate
2014:03:06 10:17:21+01:00

File identification
MD5 7c2fd4abfe8640f8db0d18dbecaf8bb4
SHA1 883155e9d95b5d92171e2d897dadc0c9400ba098
SHA256 ccf7fed174dc9864c810d1c53b1ba7dfedede41cc9fd2ec82d85ec865ca67db8
ssdeep
6144:LOTKoUILiChYHZOzTnvluN/3P08DY5rS20tlctw+:IKpILiCU27vU//tGrSdtf+

File size 271.2 KB ( 277699 bytes )
File type Rich Text Format
Magic literal
ASCII text, with CRLF line terminators

TrID Unknown!
Tags
ole-embedded rtf cve-2012-0158 text exploit attachment ole-control

VirusTotal metadata
First submission 2013-11-05 07:56:17 UTC ( 5 months, 2 weeks ago )
Last submission 2013-11-13 09:18:57 UTC ( 5 months, 1 week ago )
File names invoiceU6GCMXGLL2O0N7QYDZ.doc.malware.doc
1.doc
7c2fd4abfe8640f8db0d18dbecaf8bb4.malware
statement.doc
invoiceU6GCMXGLL2O0N7QYDZ-b.doc
invoiceU6GCMXGLL2O0N7QYDZ.doc
invoiceU6GCMXGLL2O0N7QYDZ.doc
mal.doc
2013-11-05 04.14.40 - auto-notify@ups.com - Daily, Lauren (US - San Diego) - Spam submission attached - invoiceU6GCMXGLL2O0N7QYDZ.doc
invoiceU6GCMXGLL2O0N7QYDZ.doc
6ZqMhtkkh-277699-1383657188786-7c2fd4abfe8640f8db0d18dbecaf8bb4.doc
invoiceU6GCMXGLL2O0N7QYDZ.doc
invoiceU6GCMXGLL2O0N7QYDZ.vir
invoiceU6GCMXGLL2O0N7QYDZ.doc
277699-7c2fd4abfe8640f8db0d18dbecaf8bb4.doc
file-6170012_doc
SYQ15d85ce11_invoiceU6GCMXGLL2O0N7QYDZ.doc
invoiceU6GCMXGLL2
ExifTool file metadata
FileAccessDate
2014:03:06 10:17:21+01:00

FileCreateDate
2014:03:06 10:17:21+01:00

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!