× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: cfeae7e6decc02a00103d29a2a06f017faa173de979624101a8caba8453098b2
File name: De_ZF240461G.doc
Detection ratio: 20 / 55
Analysis date: 2014-12-04 14:46:58 UTC ( 2 years, 5 months ago )
Antivirus Result Update
AhnLab-V3 DOC/Downloader 20141204
Avast Other:Malware-gen [Trj] 20141204
AVG W97M/Generic 20141204
Avira (no cloud) WM/Dotty.fav.1 20141204
Cyren W97M/DownldExe.P 20141204
ESET-NOD32 VBA/TrojanDownloader.Agent.CL 20141204
F-Prot W97M/DownldExe.P 20141204
Fortinet W97M/DocDl.BE!tr 20141204
Ikarus Trojan-Downloader.VBA.Agent 20141204
Kaspersky Trojan-Downloader.MSWord.Agent.cm 20141204
McAfee W97M/Downloader.o 20141204
McAfee-GW-Edition W97M/Downloader.o 20141204
Microsoft TrojanDownloader:O97M/Pewmod.A 20141204
NANO-Antivirus Trojan.Script.Dotty.djfdlt 20141204
Norman DLoader.ATMHG 20141204
Sophos Troj/DocDl-BC 20141204
Symantec W97M.Downloader 20141204
Tencent Word.Trojan-downloader.Agent.Szbj 20141204
TrendMicro TROJ_LEDOD.E 20141204
TrendMicro-HouseCall TROJ_LEDOD.E 20141204
Ad-Aware 20141204
AegisLab 20141204
Yandex 20141203
ALYac 20141204
Antiy-AVL 20141204
AVware 20141204
Baidu-International 20141204
BitDefender 20141204
Bkav 20141204
ByteHero 20141204
CAT-QuickHeal 20141204
ClamAV 20141204
CMC 20141204
Comodo 20141204
DrWeb 20141204
F-Secure 20141204
GData 20141204
Jiangmin 20141203
K7AntiVirus 20141204
K7GW 20141204
Kingsoft 20141204
Malwarebytes 20141204
eScan 20141204
nProtect 20141204
Panda 20141204
Qihoo-360 20141204
Rising 20141204
SUPERAntiSpyware 20141204
TheHacker 20141201
TotalDefense 20141204
VBA32 20141204
VIPRE 20141204
ViRobot 20141204
Zillya 20141203
Zoner 20141204
The file being studied follows the Compound Document File format! More specifically, it is a MS Word Document file.
Summary
last_author
KVBGuhcvk
creation_datetime
2014-11-04 11:23:00
revision_number
1
author
KVBGuhcvk
page_count
1
last_saved
2014-11-04 11:24:00
edit_time
60
template
Normal.dot
application_name
Microsoft Office Word
code_page
Cyrillic
Document summary
line_count
1
paragraph_count
1
version
730895
code_page
Cyrillic
OLE Streams
kids
\\x01CompObj, \\x05DocumentSummaryInformation, \\x05SummaryInformation, 1Table, Macros, WordDocument
name
Root Entry
clsid
00020906-0000-0000-c000-000000000046
type_literal
root
clsid_literal
MS Word
size
4800
type_literal
stream
size
4096
entropy
1.87845693797
name
1Table
md5
06ef86b3dada1a63768432c2d0ba8b18
type_literal
stream
size
4142
entropy
0.886984589548
name
WordDocument
md5
28709c79e0001e3a2894fb04268c5b94
type_literal
stream
size
4096
entropy
0.480693242666
name
\\x05SummaryInformation
md5
e7ccf709b6fb4f6a6212c712ac90b020
type_literal
stream
size
4096
entropy
0.256703484514
name
\\x05DocumentSummaryInformation
md5
7a22f73e83719764d094281b7670f43f
type_literal
storage
kids
PROJECT, PROJECTwm, VBA
name
Macros
size
0
type_literal
storage
kids
ThisDocument, _VBA_PROJECT, dir
name
VBA
size
0
type_literal
stream
size
113
entropy
4.34494072836
name
\\x01CompObj
md5
f0ee69b36245f758dc57e94c7c58ee53
ExifTool file metadata
SharedDoc
No

Author
KVBGuhcvk

CodePage
Windows Cyrillic

LinksUpToDate
No

LastModifiedBy
KVBGuhcvk

HeadingPairs
, 1

Template
Normal.dot

CharCountWithSpaces
0

CreateDate
2014:11:04 10:23:00

CompObjUserType
???????? Microsoft Office Word

ModifyDate
2014:11:04 10:24:00

HyperlinksChanged
No

Characters
0

ScaleCrop
No

RevisionNumber
1

MIMEType
application/msword

Words
0

FileType
DOC

Lines
1

AppVersion
11.9999

FileAccessDate
2014:12:04 15:47:06+01:00

Security
None

FileCreateDate
2014:12:04 15:47:06+01:00

Software
Microsoft Office Word

TotalEditTime
1.0 minutes

Pages
1

CompObjUserTypeLen
31

Paragraphs
1

Compressed bundles
File identification
MD5 c8771f140a61ac7600fc452d8fa25faf
SHA1 a74568349c665d68809d5e5b1d96503ea4959da2
SHA256 cfeae7e6decc02a00103d29a2a06f017faa173de979624101a8caba8453098b2
ssdeep
3072:Iefo9u0tbvpX5LqojMFPNS15WR5U4f0k7jIo9AULhY5:Jfo9u0tbvpX5LqojMFPNS15WR5U4f0kQ

File size 161.0 KB ( 164864 bytes )
File type MS Word Document
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 6.2, Code page: 1251, Author: KVBGuhcvk, Template: Normal.dot, Last Saved By: KVBGuhcvk, Revision Number: 1, Name of Creating Application: Microsoft Office Word, Total Editing Time: 01:00, Create Time/Date: Mon Nov 03 10:23:00 2014, Last Saved Time/Date: Mon Nov 03 10:24:00 2014, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0

TrID Microsoft Word document (45.7%)
Microsoft Excel sheet (42.8%)
Generic OLE2 / Multistream Compound File (11.4%)
Tags
macros doc

VirusTotal metadata
First submission 2014-11-04 12:20:02 UTC ( 2 years, 6 months ago )
Last submission 2014-12-04 14:46:58 UTC ( 2 years, 5 months ago )
File names De_LJ102268S.doc
19b0c7ee3bd7e6045682ef6bc32cfab0
file-7652058_doc
vti-rescan
De_UV576613D.doc
c614d8906e3ec660ac1f9a64c1f8db5a
De_MY191473D.doc
a74568349c665d68809d5e5b1d96503ea4959da2.doc
De_ZF240461G.doc
De_QO221074Z.doc
c57857e4e537a8d90c6f76bf29b126cc
De_IN6930439I.doc
07075e4cc1c4fa19bd3d4602601882da
De_FK5332698Y.doc
c8771f140a61ac7600fc452d8fa25faf
2f88cff92e951c3344726d2d7fd445ec
De_AK205492I.doc
De_GB776205C.doc
fadd29ad3b6732d10afedfb0cb5d863d
De_PR711496O.doc
2eaf0a392ff84a2b8baee0e1ea08a741
De_SI176801Y.doc
948dc568d9615a0c40bc9d2a8e9da6e5
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!