× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ccf7fed174dc9864c810d1c53b1ba7dfedede41cc9fd2ec82d85ec865ca67db8
File name: invoiceU6GCMXGLL2O0N7QYDZ.doc
Detection ratio: 32 / 55
Analysis date: 2014-12-06 00:11:53 UTC ( 5 months, 3 weeks ago )
Antivirus Result Update
AVG Exploit_c.YWQ 20141205
AVware Exploit.RTF.CVE-2012-0158 (v) 20141206
Ad-Aware Exploit.CVE-2012-0158.Gen 20141205
AhnLab-V3 RTF/Cve-2012-0158 20141205
Avast RTF:Obfuscated-gen [Trj] 20141205
Avira EXP/CVE-2012-0158.AQ.1 20141205
BitDefender Exploit.CVE-2012-0158.Gen 20141205
CAT-QuickHeal Exp.RTF.CVE-2012-0158.A 20141205
ClamAV RTF.Exploit.CVE_2012_0158-4 20141206
Comodo UnclassifiedMalware 20141204
Cyren CVE120158 20141206
ESET-NOD32 Win32/Exploit.CVE-2012-0158.EI 20141206
F-Prot CVE120158 20141205
F-Secure Exploit:W32/CVE-2012-0158.D 20141205
GData Exploit.CVE-2012-0158.Gen 20141206
Ikarus Trojan.PDF 20141205
Kaspersky Exploit.Win32.CVE-2012-0158.aq 20141205
McAfee Exploit-CVE2012-0158 20141206
McAfee-GW-Edition Exploit-CVE2012-0158 20141206
MicroWorld-eScan Exploit.CVE-2012-0158.Gen 20141205
Microsoft Exploit:Win32/CVE-2012-0158 20141206
NANO-Antivirus Exploit.Rtf.Heuristic-rtf.dinbqn 20141205
Norman CVE-2012-0158.AN 20141205
Qihoo-360 virus.exp.20120158 20141206
Sophos Troj/DocDrop-DM 20141205
Symantec Trojan.Mdropper 20141206
Tencent Win32.Exploit.Cve-2012-0158.Ahyt 20141206
TrendMicro TROJ_MDROP.ABA 20141205
TrendMicro-HouseCall TROJ_MDROP.ABA 20141205
VIPRE Exploit.RTF.CVE-2012-0158 (v) 20141205
ViRobot Trojan.Win32.A.EX-CVE-2012-0158.277699 20141205
nProtect Exploit.CVE-2012-0158.Gen 20141205
ALYac 20141205
AegisLab 20141206
Agnitum 20141205
Antiy-AVL 20141205
Baidu-International 20141205
Bkav 20141205
ByteHero 20141206
CMC 20141204
DrWeb 20141206
Fortinet 20141206
Jiangmin 20141205
K7AntiVirus 20141205
K7GW 20141205
Kingsoft 20141206
Malwarebytes 20141206
Panda 20141205
Rising 20141205
SUPERAntiSpyware 20141205
TheHacker 20141205
TotalDefense 20141205
VBA32 20141205
Zillya 20141204
Zoner 20141204
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters
0
Embedded drawings
0
Rtf header
rtA1
Default ansi codepage
Cyrillic
Generator
Msftedit 5.41.21.2510
Read only protection
False
User protection
False
Default character set
ANSI
Custom xml data properties
0
Dos stubs
0
Objects
OLE embedded (Package)
OLE control (Package)
Embedded pictures
0
Longest hex string
259520
Default languages
Russian
ExifTool file metadata
FileAccessDate
2014:12:06 01:12:03+01:00

FileCreateDate
2014:12:06 01:12:03+01:00

File identification
MD5 7c2fd4abfe8640f8db0d18dbecaf8bb4
SHA1 883155e9d95b5d92171e2d897dadc0c9400ba098
SHA256 ccf7fed174dc9864c810d1c53b1ba7dfedede41cc9fd2ec82d85ec865ca67db8
ssdeep
6144:LOTKoUILiChYHZOzTnvluN/3P08DY5rS20tlctw+:IKpILiCU27vU//tGrSdtf+

File size 271.2 KB ( 277699 bytes )
File type Rich Text Format
Magic literal
ASCII text, with CRLF line terminators

TrID Unknown!
Tags
ole-embedded rtf cve-2012-0158 ole-control exploit attachment

VirusTotal metadata
First submission 2013-11-05 07:56:17 UTC ( 1 year, 6 months ago )
Last submission 2013-11-13 09:18:57 UTC ( 1 year, 6 months ago )
File names invoiceU6GCMXGLL2O0N7QYDZ.doc.malware.doc
1.doc
7c2fd4abfe8640f8db0d18dbecaf8bb4.malware
statement.doc
invoiceU6GCMXGLL2O0N7QYDZ-b.doc
invoiceU6GCMXGLL2O0N7QYDZ.doc
invoiceU6GCMXGLL2O0N7QYDZ.doc
mal.doc
2013-11-05 04.14.40 - auto-notify@ups.com - Daily, Lauren (US - San Diego) - Spam submission attached - invoiceU6GCMXGLL2O0N7QYDZ.doc
invoiceU6GCMXGLL2O0N7QYDZ.doc
6ZqMhtkkh-277699-1383657188786-7c2fd4abfe8640f8db0d18dbecaf8bb4.doc
invoiceU6GCMXGLL2O0N7QYDZ.doc
invoiceU6GCMXGLL2O0N7QYDZ.vir
invoiceU6GCMXGLL2O0N7QYDZ.doc
277699-7c2fd4abfe8640f8db0d18dbecaf8bb4.doc
file-6170012_doc
SYQ15d85ce11_invoiceU6GCMXGLL2O0N7QYDZ.doc
invoiceU6GCMXGLL2
ExifTool file metadata
FileAccessDate
2014:12:06 01:12:03+01:00

FileCreateDate
2014:12:06 01:12:03+01:00

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!