× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ccf7fed174dc9864c810d1c53b1ba7dfedede41cc9fd2ec82d85ec865ca67db8
File name: invoiceU6GCMXGLL2O0N7QYDZ.doc
Detection ratio: 34 / 56
Analysis date: 2016-03-02 22:04:35 UTC ( 4 months, 4 weeks ago )
Antivirus Result Update
ALYac Exploit.CVE-2012-0158.Gen 20160302
AVG Exploit_c.YWQ 20160302
AVware Exploit.RTF.CVE-2012-0158 (v) 20160302
Ad-Aware Exploit.CVE-2012-0158.Gen 20160302
AhnLab-V3 RTF/Cve-2012-0158 20160302
Arcabit Exploit.CVE-2012-0158.Gen 20160302
Avast RTF:Obfuscated-gen [Trj] 20160302
Avira (no cloud) EXP/CVE-2012-0158.AQ.1 20160302
BitDefender Exploit.CVE-2012-0158.Gen 20160302
CAT-QuickHeal Exp.RTF.CVE-2012-0158 20160302
ClamAV RTF.Exploit.CVE_2012_0158-4 20160302
Comodo UnclassifiedMalware 20160302
Cyren CVE120158 20160302
ESET-NOD32 Win32/Exploit.CVE-2012-0158.EI 20160302
Emsisoft Exploit.CVE-2012-0158.Gen (B) 20160229
F-Prot CVE120158 20160302
F-Secure Exploit:W32/CVE-2012-0158.D 20160302
GData Exploit.CVE-2012-0158.Gen 20160302
Ikarus Trojan.PDF 20160302
Kaspersky Exploit.Win32.CVE-2012-0158.aq 20160302
McAfee Exploit-CVE2012-0158 20160302
McAfee-GW-Edition Exploit-CVE2012-0158 20160302
eScan Exploit.CVE-2012-0158.Gen 20160302
Microsoft Exploit:Win32/CVE-2012-0158 20160302
Qihoo-360 virus.exp.20120158 20160302
Sophos Troj/DocDrop-DM 20160302
Symantec Trojan.Mdropper 20160302
Tencent Win32.Exploit.Cve-2012-0158.Ahyt 20160302
TotalDefense Tnega.XAFR!suspicious 20160302
TrendMicro TROJ_MDROP.ABA 20160302
TrendMicro-HouseCall TROJ_MDROP.ABA 20160302
VIPRE Exploit.RTF.CVE-2012-0158 (v) 20160302
ViRobot Trojan.Win32.A.EX-CVE-2012-0158.277699[h] 20160302
nProtect Exploit.CVE-2012-0158.Gen 20160302
AegisLab 20160302
Yandex 20160302
Alibaba 20160302
Antiy-AVL 20160302
Baidu-International 20160302
Bkav 20160302
ByteHero 20160302
CMC 20160301
DrWeb 20160302
Fortinet 20160302
Jiangmin 20160302
K7AntiVirus 20160302
K7GW 20160302
Malwarebytes 20160302
NANO-Antivirus 20160302
Panda 20160302
Rising 20160302
SUPERAntiSpyware 20160302
TheHacker 20160302
VBA32 20160302
Zillya 20160302
Zoner 20160302
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters
0
Embedded drawings
0
Rtf header
rtA1
Default ansi codepage
Cyrillic
Generator
Msftedit 5.41.21.2510
Read only protection
False
User protection
False
Default character set
ANSI
Custom xml data properties
0
Dos stubs
0
Objects
OLE embedded (Package)
OLE control (Package)
Embedded pictures
0
Longest hex string
259520
Default languages
Russian
ExifTool file metadata
FileAccessDate
2014:12:06 01:12:03+01:00

FileCreateDate
2014:12:06 01:12:03+01:00

Overlay parents
File identification
MD5 7c2fd4abfe8640f8db0d18dbecaf8bb4
SHA1 883155e9d95b5d92171e2d897dadc0c9400ba098
SHA256 ccf7fed174dc9864c810d1c53b1ba7dfedede41cc9fd2ec82d85ec865ca67db8
ssdeep
6144:LOTKoUILiChYHZOzTnvluN/3P08DY5rS20tlctw+:IKpILiCU27vU//tGrSdtf+

File size 271.2 KB ( 277699 bytes )
File type Rich Text Format
Magic literal
ASCII text, with CRLF line terminators

TrID Unknown!
Tags
ole-embedded rtf cve-2012-0158 ole-control exploit attachment

VirusTotal metadata
First submission 2013-11-05 07:56:17 UTC ( 2 years, 8 months ago )
Last submission 2013-11-13 09:18:57 UTC ( 2 years, 8 months ago )
File names invoiceU6GCMXGLL2O0N7QYDZ.doc.malware.doc
1.doc
7c2fd4abfe8640f8db0d18dbecaf8bb4.malware
statement.doc
invoiceU6GCMXGLL2O0N7QYDZ-b.doc
invoiceU6GCMXGLL2O0N7QYDZ.doc
invoiceU6GCMXGLL2O0N7QYDZ.doc
mal.doc
2013-11-05 04.14.40 - auto-notify@ups.com - Daily, Lauren (US - San Diego) - Spam submission attached - invoiceU6GCMXGLL2O0N7QYDZ.doc
invoiceU6GCMXGLL2O0N7QYDZ.doc
6ZqMhtkkh-277699-1383657188786-7c2fd4abfe8640f8db0d18dbecaf8bb4.doc
invoiceU6GCMXGLL2O0N7QYDZ.doc
invoiceU6GCMXGLL2O0N7QYDZ.vir
invoiceU6GCMXGLL2O0N7QYDZ.doc
277699-7c2fd4abfe8640f8db0d18dbecaf8bb4.doc
file-6170012_doc
SYQ15d85ce11_invoiceU6GCMXGLL2O0N7QYDZ.doc
invoiceU6GCMXGLL2
ExifTool file metadata
FileAccessDate
2014:12:06 01:12:03+01:00

FileCreateDate
2014:12:06 01:12:03+01:00

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!