× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a
File name: vti-rescan
Detection ratio: 40 / 57
Analysis date: 2015-02-19 07:16:20 UTC ( 3 months ago )
Antivirus Result Update
ALYac Exploit.DOC.CVE-2014-1761 20150219
AVG Exploit_c.AAKJ 20150219
AVware Exploit.RTF.CVE-2014-1761.a (v) 20150219
Ad-Aware Exploit.CVE-2014-1761.A 20150219
Agnitum Exploit.CVE-2014-1761.A 20150218
AhnLab-V3 RTF/Cve-2014-1761 20150218
Avast RTF:CVE-2014-1761 [Expl] 20150219
Avira EXP/CVE-2014-1761.A 20150219
BitDefender Exploit.CVE-2014-1761.A 20150219
CAT-QuickHeal Exp.RTF.CVE-2014-1761 20150218
Comodo UnclassifiedMalware 20150219
Cyren CVE141761 20150219
DrWeb Exploit.Rtf.CVE2012-0158 20150219
ESET-NOD32 Win32/Exploit.CVE-2014-1761.C 20150219
Emsisoft Exploit.CVE-2014-1761.A (B) 20150219
F-Prot CVE141761 20150219
F-Secure Exploit:W32/CVE-2014-1761.A 20150219
Fortinet MSOffice/CVE_2014_1761.A!exploit 20150219
GData Exploit.CVE-2014-1761.A 20150219
Ikarus Exploit.CVE-2014-1761 20150219
Jiangmin Exploit.MSWord.CVE-2014-1761.a 20150216
K7AntiVirus Exploit ( 00495f081 ) 20150218
K7GW Exploit ( 00495f081 ) 20150219
Kaspersky Exploit.MSWord.CVE-2014-1761.a 20150219
McAfee Exploit-CVE2014-1761 20150219
McAfee-GW-Edition Exploit-CVE2014-1761 20150218
MicroWorld-eScan Exploit.CVE-2014-1761.A 20150219
Microsoft Exploit:Win32/CVE-2012-2539 20150219
NANO-Antivirus Exploit.Rtf.CVE-2014-1761.dgyrmk 20150219
Norman CVE-2014-1761.A 20150218
Qihoo-360 virus.exp.20141761 20150219
Sophos Exp/20141761-A 20150219
Symantec Trojan.Mdropper 20150219
Tencent Word.Exploit.Cve-2014-1761.Lnyc 20150219
TrendMicro TROJ_ARTIEF.NSA 20150219
TrendMicro-HouseCall TROJ_ARTIEF.NSA 20150219
VIPRE Exploit.RTF.CVE-2014-1761.a (v) 20150219
ViRobot MSWord.A.EX-CVE-2014-1761.790048[h] 20150219
Zillya Exploit.CVE.MacroWord.220 20150218
nProtect Exploit.CVE-2014-1761.A 20150218
AegisLab 20150219
Alibaba 20150219
Antiy-AVL 20150219
Baidu-International 20150218
Bkav 20150213
ByteHero 20150219
CMC 20150214
ClamAV 20150219
Kingsoft 20150219
Malwarebytes 20150219
Panda 20150218
Rising 20150218
SUPERAntiSpyware 20150219
TheHacker 20150218
TotalDefense 20150219
VBA32 20150218
Zoner 20150218
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Summary
Revision time
2014-03-08 03:09:00
Sidtbl
sid8596814sid8926214sid10110685
Author
ism{\\creatim\\yr2014\\mo3\\dy8\\hr3\\min9
Company
home{\\creatim\\yr2014\\mo3\\dy8\\hr3\\min9
3929
?;
Creation time
2014-03-08 03:09:00
Number of non whitespace characters
69
Operator
ismail - [2010]
Document properties
Non ascii characters
366022
Embedded drawings
20
Rtf header
rt
Read only protection
False
User protection
False
Default character set
ANSI (default)
Custom xml data properties
0
Dos stubs
0
Objects
OLE control (MSComctlLib.ImageComboCtl.2)
Embedded pictures
1
Longest hex string
16838
ExifTool file metadata
FileAccessDate
2015:02:17 16:20:22+01:00

FileCreateDate
2015:02:17 16:20:22+01:00

File identification
MD5 a2fe8f03adae711e1d3352ed97f616c7
SHA1 200f7930de8d44fc2b00516f79033408ca39d610
SHA256 e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a
ssdeep
12288:+/ONoJjU8KZXmr3itt76Zm743yQkb3RTZX5OEyWbhLro0UrttvNL7D3S:JeJjvMWpZm77pbBTcco0UrtzL7

File size 771.5 KB ( 790048 bytes )
File type Rich Text Format
Magic literal
data

TrID Unknown!
Tags
rtf cve-2012-0158 ole-control cve-2014-1761 exploit cve-2012-2539

VirusTotal metadata
First submission 2014-04-01 14:49:08 UTC ( 1 year, 1 month ago )
Last submission 2015-02-05 19:39:01 UTC ( 3 months, 2 weeks ago )
File names e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a.bin
sample.doc
Word漏洞 CVE-2014-1761.RTF
a2fe8f03adae711e1d3352ed97f616c7.doc
CVE-2014-1761
vti-rescan
test.rtf
e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a
rtf.rt
e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a.docx
Word漏洞 CVE-2014-1761.bin
hjhp
e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a.bin.rtf
e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a from friends.bin
CVE-2014-1761.rtf
e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a.rtf
live_sample.rtf
Hombres Mercurio.doc
CVE-2014-1761.docx
1.doc
file-6840075_rtf
ms14-17.doc
CVE2014_1761_e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a.doc
a2fe8f03adae711e1d3352ed97f616c7.bin
Advanced heuristic and reputation engines
ClamAV PUA
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: http://www.clamav.net/doc/pua.html .

ExifTool file metadata
FileAccessDate
2015:02:17 16:20:22+01:00

FileCreateDate
2015:02:17 16:20:22+01:00

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!