× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d1c042300c3dc280989304ee1bd571d9725321f24d37373f1032e0803c0a2b06
File name: document.doc
Detection ratio: 24 / 56
Analysis date: 2019-01-03 11:58:53 UTC ( 4 months, 2 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Exploit.CVE-2017-11882.Gen 20190103
AhnLab-V3 OLE/Cve-2017-11882.Gen 20190103
ALYac Exploit.CVE-2017-11882.Gen 20190103
Arcabit Exploit.CVE-2017-11882.Gen 20190103
Avast RTF:CVE-2012-0158-CA [Expl] 20190103
AVG RTF:CVE-2012-0158-CA [Expl] 20190103
Avira (no cloud) HEUR/Rtf.Malformed 20190103
BitDefender Exploit.CVE-2017-11882.Gen 20190103
CAT-QuickHeal Exp.RTF.CVE-2017-0199.AO 20190102
ClamAV Rtf.Exploit.CVE_2017_11882-6584355-0 20190103
Cyren CVE-2017-11882.C.gen!Camelot 20190103
DrWeb Exploit.Rtf.CVE2012-0158 20190103
Emsisoft Exploit.CVE-2017-11882.Gen (B) 20190103
F-Secure Exploit.CVE-2017-11882.Gen 20190103
GData Generic.Exploit.CVE-2017-0199.E 20190103
Kaspersky HEUR:Exploit.MSOffice.Generic 20190103
MAX malware (ai score=86) 20190103
Microsoft Exploit:O97M/CVE-2017-11882.L 20190103
eScan Exploit.CVE-2017-11882.Gen 20190103
NANO-Antivirus Exploit.Rtf.Heuristic-rtf.dinbqn 20190103
Qihoo-360 virus.exp.21711882.d 20190103
Symantec Exp.CVE-2017-11882!g3 20190103
TrendMicro HEUR_RTFMALFORM 20190103
ZoneAlarm by Check Point HEUR:Exploit.MSOffice.Generic 20190103
Acronis 20181227
AegisLab 20190103
Alibaba 20180921
Antiy-AVL 20190103
Avast-Mobile 20190103
Babable 20180918
Baidu 20190102
Bkav 20190103
CMC 20190102
Comodo 20190103
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
Cylance 20190103
eGambit 20190103
Endgame 20181108
ESET-NOD32 20190103
F-Prot 20190103
Fortinet 20190103
Ikarus 20190103
Sophos ML 20181128
Jiangmin 20190103
K7AntiVirus 20190103
K7GW 20190103
Kingsoft 20190103
Malwarebytes 20190103
McAfee 20190103
McAfee-GW-Edition 20190103
Palo Alto Networks (Known Signatures) 20190103
Panda 20190102
Rising 20190103
SentinelOne (Static ML) 20181223
Sophos AV 20190103
SUPERAntiSpyware 20190102
TACHYON 20190103
Tencent 20190103
TheHacker 20181230
Trapmine 20190103
TrendMicro-HouseCall 20190103
Trustlook 20190103
VBA32 20181229
ViRobot 20190103
Webroot 20190103
Yandex 20181229
Zillya 20190102
Zoner 20190103
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters
0
Embedded drawings
0
Rtf header
rtf
Read only protection
False
User protection
False
Default character set
ANSI (default)
Custom xml data properties
0
Dos stubs
0
Objects
OLE autolink
OLE embedded
Embedded pictures
0
Longest hex string
9455
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

Warning
Unspecified RTF encoding. Will assume Latin

FileTypeExtension
rtf

File identification
MD5 b936568ff3cf7d5c5edb074cf1416884
SHA1 4dc2f89482bf5ce3ab43396da3eaa6c37bc8001e
SHA256 d1c042300c3dc280989304ee1bd571d9725321f24d37373f1032e0803c0a2b06
ssdeep
1536:0VYVGxQAFN/cNfzmtg/T2Amh4iHZFg3ATxvyZvMdqRKuczuJ/aA8nYjx2YnSYXFY:OhEH/6AmxjzuuiUyic+z

File size 134.5 KB ( 137776 bytes )
File type Rich Text Format
Magic literal
Rich Text Format data, unknown version

TrID Rich Text Format (100.0%)
Tags
ole-embedded rtf cve-2017-11882 cve-2012-0158 exploit cve-2017-0199 ole-autolink

VirusTotal metadata
First submission 2019-01-03 11:58:53 UTC ( 4 months, 2 weeks ago )
Last submission 2019-01-26 03:45:19 UTC ( 3 months, 3 weeks ago )
File names document.doc
output.114883031.txt
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

Warning
Unspecified RTF encoding. Will assume Latin

FileTypeExtension
rtf

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!