SHA256: dc909340312556883449e474fbcece6e1c393ac1d75eb35560eb7a37b0b01d43
File name: We need to confirm your details .msg
Detection ratio: 28 / 57
Analysis date: 2018-07-05 07:13:52 UTC ( 10 months, 3 weeks ago )
Antivirus Result Update
Ad-Aware VB:Trojan.Agent.CPRE 20180705
AegisLab Troj.Script.Agent!c 20180705
AhnLab-V3 W97M/Downloader 20180705
Antiy-AVL Trojan[Downloader]/MSOffice.Agent.q 20180705
Avast VBA:Downloader-FSE [Trj] 20180705
AVG VBA:Downloader-FSE [Trj] 20180705
Avira (no cloud) HEUR/Macro.Agent 20180704
Baidu VBA.Trojan-Downloader.Agent.cfb 20180705
BitDefender VB:Trojan.Agent.CPRE 20180705
CAT-QuickHeal W97M.Downloader.3793 20180704
ClamAV Doc.Dropper.Agent-6362396-0 20180704
Cyren W97M/Agent 20180705
DrWeb W97M.DownLoader.2178 20180705
ESET-NOD32 PowerShell/TrojanDownloader.Agent.Q 20180705
F-Secure VB:Trojan.Agent.CPRE 20180705
Fortinet VBA/Dloader.CNJ!tr 20180705
GData VB:Trojan.Agent.CPRE 20180705
Ikarus Trojan.VB.Valyria 20180704
Kaspersky Trojan-Downloader.VBS.Agent.cnj 20180705
MAX malware (ai score=96) 20180705
McAfee RDN/Generic Downloader.x 20180705
McAfee-GW-Edition RDN/Generic Downloader.x 20180705
Microsoft Trojan:Win32/Tiggre!rfn 20180705
Sophos AV Troj/DocDl-LEI 20180705
Symantec SecurityRisk.gen1 20180705
Tencent Heur.Macro.Generic.Gen.f 20180705
ViRobot DOC.S.Agent.115200 20180705
ZoneAlarm by Check Point Trojan-Downloader.VBS.Agent.cnj 20180705
ALYac 20180705
Arcabit 20180705
Avast-Mobile 20180705
AVware 20180705
Babable 20180406
Bkav 20180704
CMC 20180704
Comodo 20180705
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
eGambit 20180705
Emsisoft 20180705
Endgame 20180612
F-Prot 20180705
Sophos ML 20180601
Jiangmin 20180705
K7AntiVirus 20180705
K7GW 20180705
Kingsoft 20180705
Malwarebytes 20180705
eScan 20180705
NANO-Antivirus 20180705
Palo Alto Networks (Known Signatures) 20180705
Panda 20180704
Qihoo-360 20180705
SentinelOne (Static ML) 20180701
SUPERAntiSpyware 20180704
TACHYON 20180705
TheHacker 20180628
TotalDefense 20180705
Trustlook 20180705
VBA32 20180704
VIPRE 20180705
Webroot 20180705
Yandex 20180704
Zillya 20180704
Zoner 20180704
The file being studied follows the Compound Document File format! More specifically, it is an Outlook file.
OLE Streams
Root Entry: clsid 00020d0b-0000-0000-c000-000000000046, clsid_literal on, type_literal root, sid 0, size 5312
sid type_literal size name
62 stream 232 __attach_version1.0_#00000000/__properties_version1.0
56 stream 4 __attach_version1.0_#00000000/__substg1.0_0FF90102
57 stream 73728 __attach_version1.0_#00000000/__substg1.0_37010102
58 stream 20 __attach_version1.0_#00000000/__substg1.0_3704001F
59 stream 20 __attach_version1.0_#00000000/__substg1.0_3707001F
60 stream 9 __attach_version1.0_#00000000/__substg1.0_370A0102
61 stream 36 __attach_version1.0_#00000000/__substg1.0_370E001F
2 stream 48 __nameid_version1.0/__substg1.0_00020102
3 stream 40 __nameid_version1.0/__substg1.0_00030102
4 stream 28 __nameid_version1.0/__substg1.0_00040102
5 stream 8 __nameid_version1.0/__substg1.0_10020102
6 stream 8 __nameid_version1.0/__substg1.0_10060102
7 stream 8 __nameid_version1.0/__substg1.0_100B0102
8 stream 8 __nameid_version1.0/__substg1.0_10140102
9 stream 8 __nameid_version1.0/__substg1.0_10150102
46 stream 832 __properties_version1.0
54 stream 136 __recip_version1.0_#00000000/__properties_version1.0
48 stream 4 __recip_version1.0_#00000000/__substg1.0_0FF60102
49 stream 146 __recip_version1.0_#00000000/__substg1.0_0FFF0102
50 stream 54 __recip_version1.0_#00000000/__substg1.0_3001001F
51 stream 8 __recip_version1.0_#00000000/__substg1.0_3002001F
52 stream 54 __recip_version1.0_#00000000/__substg1.0_3003001F
53 stream 33 __recip_version1.0_#00000000/__substg1.0_300B0102
10 stream 16 __substg1.0_001A001F
11 stream 64 __substg1.0_0037001F
12 stream 30 __substg1.0_003B0102
13 stream 0 __substg1.0_003D001F
14 stream 68 __substg1.0_003F0102
15 stream 24 __substg1.0_0040001F
16 stream 94 __substg1.0_00410102
17 stream 8 __substg1.0_0042001F
18 stream 31 __substg1.0_00510102
19 stream 8 __substg1.0_0064001F
20 stream 48 __substg1.0_0065001F
21 stream 64 __substg1.0_0070001F
22 stream 22 __substg1.0_00710102
23 stream 8 __substg1.0_0075001F
24 stream 50 __substg1.0_0076001F
25 stream 5194 __substg1.0_007D001F
26 stream 94 __substg1.0_0C190102
27 stream 8 __substg1.0_0C1A001F
28 stream 30 __substg1.0_0C1D0102
29 stream 8 __substg1.0_0C1E001F
30 stream 48 __substg1.0_0C1F001F
31 stream 0 __substg1.0_0E02001F
32 stream 0 __substg1.0_0E03001F
33 stream 56 __substg1.0_0E04001F
34 stream 64 __substg1.0_0E1D001F
35 stream 120 __substg1.0_0E28001F
36 stream 120 __substg1.0_0E29001F
37 stream 8814 __substg1.0_1000001F
38 stream 10472 __substg1.0_10090102
39 stream 102 __substg1.0_1035001F
40 stream 178 __substg1.0_1046001F
41 stream 16 __substg1.0_300B0102
42 stream 50 __substg1.0_8000001F
43 stream 68 __substg1.0_8001001F
44 stream 112 __substg1.0_80020102
45 stream 154 __substg1.0_8003001F
ExifTool file metadata
MIMEType image/vnd.fpx
FileType FPX
FileTypeExtension fpx
Compressed bundles
File identification
MD5 f3110725ec7a4e21505094d8b318e29d
SHA1 5a7d1e4d771968a144971a4e7855a70b7f05b973
SHA256 dc909340312556883449e474fbcece6e1c393ac1d75eb35560eb7a37b0b01d43
ssdeep 768:K03G6Z9ovEn+2+ETTOHV/sFaN1WZxrr5o/C1USvV91p9ZP0yqsApx0Vgs+hePI96:33G6Z2MPrTOHUTVqMvV3HA9Gl80GC
File size 112.5 KB ( 115200 bytes )
File type Outlook
Magic literal CDF V2 Document, corrupt: Cannot read summary info
TrID Outlook Message (46.5%); Outlook Form Template (27.2%); Microsoft Word document (20.9%); Generic OLE2 / Multistream Compound File (5.2%)
Tags outlook

VirusTotal metadata
First submission 2017-11-02 01:49:43 UTC ( 1 year, 6 months ago )
Last submission 2017-11-02 01:49:43 UTC ( 1 year, 6 months ago )
File names We need to confirm your details .msg