SHA256: e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a
File name: 200f7930de8d44fc2b00516f79033408ca39d610_rtf.rt
Detection ratio: 41 / 55
Analysis date: 2016-08-14 16:48:36 UTC ( 2 weeks, 1 day ago )
Antivirus Result Update
ALYac Exploit.DOC.CVE-2014-1761 20160814
AVG Exploit_c.ACAP 20160814
Ad-Aware Exploit.CVE-2014-1761.A 20160814
AegisLab Exploit.MSWord.CVE-2014-1761.a!c 20160814
AhnLab-V3 RTF/Cve-2014-1761 20160814
Avast RTF:CVE-2014-1761 [Expl] 20160814
Avira (no cloud) EXP/CVE-2014-1761.Gen 20160814
Baidu RTF.Exploit.CVE-2014-1761.a 20160813
BitDefender Exploit.CVE-2014-1761.A 20160814
CAT-QuickHeal Exp.RTF.CVE-2012-2539 20160813
ClamAV Rtf.Exploit.Cve_2014_1761-2 20160814
Comodo UnclassifiedMalware 20160814
Cyren CVE141761 20160814
DrWeb Exploit.Rtf.CVE2012-0158 20160814
ESET-NOD32 Win32/Exploit.CVE-2014-1761.C 20160814
Emsisoft Exploit.CVE-2014-1761.A (B) 20160814
F-Prot CVE141761 20160814
F-Secure Exploit:W32/CVE-2014-1761.A 20160814
Fortinet MSOffice/CVE_2014_1761.A!exploit 20160814
GData Exploit.CVE-2014-1761.A 20160814
Ikarus Exploit.Trojan 20160814
K7AntiVirus Exploit ( 00495f081 ) 20160814
K7GW Exploit ( 00495f081 ) 20160814
Kaspersky Exploit.MSWord.CVE-2014-1761.a 20160814
McAfee Exploit-CVE2014-1761 20160814
McAfee-GW-Edition Exploit-CVE2014-1761 20160814
eScan Exploit.CVE-2014-1761.A 20160814
Microsoft Exploit:Win32/CVE-2014-1761 20160814
NANO-Antivirus Exploit.Rtf.CVE-2014-1761.dgyrmk 20160814
Qihoo-360 virus.exp.20122539 20160814
Sophos Exp/20141761-A 20160814
Symantec Trojan.Mdropper 20160814
Tencent Word.Exploit.Cve-2014-1761.Lnyc 20160814
TotalDefense Tnega.XAPW!suspicious 20160814
TrendMicro TROJ_ARTIEF.NSA 20160814
TrendMicro-HouseCall TROJ_ARTIEF.NSA 20160814
VBA32 Exploit.MSWord.CVE-2014-1761.a 20160812
VIPRE Exploit.RTF.CVE-2014-1761.a (v) 20160814
ViRobot MSWord.A.EX-CVE-2014-1761.790048[h] 20160814
Yandex Exploit.CVE-2014-1761.A 20160813
nProtect Exploit.CVE-2014-1761.A 20160812
Alibaba 20160812
Antiy-AVL 20160814
Arcabit 20160814
Bkav 20160813
CMC 20160811
Jiangmin 20160814
Kingsoft 20160814
Malwarebytes 20160814
Panda 20160814
Rising 20160814
SUPERAntiSpyware 20160814
TheHacker 20160814
Zillya 20160814
Zoner 20160814
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Summary
Revision time
2014-03-08 03:09:00
Sidtbl
sid8596814sid8926214sid10110685
Author
ism{\\creatim\\yr2014\\mo3\\dy8\\hr3\\min9
Company
home{\\creatim\\yr2014\\mo3\\dy8\\hr3\\min9
3929
?;
Creation time
2014-03-08 03:09:00
Number of non whitespace characters
69
Operator
ismail - [2010]
Document properties
Non ascii characters
366022
Embedded drawings
20
Rtf header
rt
Read only protection
False
User protection
False
Default character set
ANSI (default)
Custom xml data properties
0
Dos stubs
0
Objects
OLE control (MSComctlLib.ImageComboCtl.2)
Embedded pictures
1
Longest hex string
16838
ExifTool file metadata
FileAccessDate
2015:02:17 16:20:22+01:00

FileCreateDate
2015:02:17 16:20:22+01:00

File identification
MD5 a2fe8f03adae711e1d3352ed97f616c7
SHA1 200f7930de8d44fc2b00516f79033408ca39d610
SHA256 e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a
ssdeep
12288:+/ONoJjU8KZXmr3itt76Zm743yQkb3RTZX5OEyWbhLro0UrttvNL7D3S:JeJjvMWpZm77pbBTcco0UrtzL7

File size 771.5 KB ( 790048 bytes )
File type Rich Text Format
Magic literal
data

TrID Unknown!
Tags
rtf cve-2012-0158 ole-control cve-2014-1761 exploit cve-2012-2539

VirusTotal metadata
First submission 2014-04-01 14:49:08 UTC ( 2 years, 5 months ago )
Last submission 2015-06-19 14:01:37 UTC ( 1 year, 2 months ago )
File names e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a.bin
sample.doc
Word漏洞 CVE-2014-1761.RTF
Word漏洞 CVE-2014-1761.bin
CVE-2014-1761
vti-rescan
test.rtf
e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a
rtf.rt
e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a.docx
a2fe8f03adae711e1d3352ed97f616c7.doc
hjhp
e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a.bin.rtf
e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a from friends.bin
CVE-2014-1761.rtf
e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a.rtf
live_sample.rtf
Hombres Mercurio.doc
CVE-2014-1761.docx
1.doc
200f7930de8d44fc2b00516f79033408ca39d610_rtf.rt
file-6840075_rtf
ms14-17.doc
CVE2014_1761_e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a.doc
a2fe8f03adae711e1d3352ed97f616c7.bin
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .
