SHA256: e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a
File name: 200f7930de8d44fc2b00516f79033408ca39d610_rtf.rt
Detection ratio: 44 / 57
Analysis date: 2016-04-27 05:13:54 UTC ( 3 months ago )
Antivirus Result Update
ALYac Exploit.DOC.CVE-2014-1761 20160427
AVG Exploit_c.ACAP 20160427
AVware Exploit.RTF.CVE-2014-1761.a (v) 20160427
Ad-Aware Exploit.CVE-2014-1761.A 20160427
AhnLab-V3 RTF/Cve-2014-1761 20160427
Arcabit Exploit.CVE-2014-1761.A 20160427
Avast RTF:CVE-2014-1761 [Expl] 20160427
Avira (no cloud) EXP/CVE-2014-1761.A 20160426
Baidu RTF.Exploit.CVE-2014-1761.a 20160427
BitDefender Exploit.CVE-2014-1761.A 20160427
CAT-QuickHeal Exp.RTF.CVE-2014-1761 20160427
ClamAV Rtf.Exploit.Cve_2014_1761-2 20160426
Comodo UnclassifiedMalware 20160427
Cyren CVE141761 20160427
DrWeb Exploit.Rtf.CVE2012-0158 20160427
ESET-NOD32 Win32/Exploit.CVE-2014-1761.C 20160427
Emsisoft Exploit.CVE-2014-1761.A (B) 20160427
F-Prot CVE141761 20160427
F-Secure Exploit:W32/CVE-2014-1761.A 20160427
Fortinet MSOffice/CVE_2014_1761.A!exploit 20160425
GData Exploit.CVE-2014-1761.A 20160427
Ikarus Exploit.Trojan 20160426
Jiangmin Exploit.MSWord.CVE-2014-1761.a 20160427
K7AntiVirus Exploit ( 00495f081 ) 20160426
K7GW Exploit ( 00495f081 ) 20160427
Kaspersky Exploit.MSWord.CVE-2014-1761.a 20160427
McAfee Exploit-CVE2014-1761 20160427
McAfee-GW-Edition Exploit-CVE2014-1761 20160427
eScan Exploit.CVE-2014-1761.A 20160427
Microsoft Exploit:Win32/CVE-2014-1761 20160427
NANO-Antivirus Exploit.Rtf.CVE-2014-1761.dgyrmk 20160427
Qihoo-360 virus.exp.20141761 20160427
Sophos Exp/20141761-A 20160427
Symantec Trojan.Mdropper 20160427
Tencent Word.Exploit.Cve-2014-1761.Lnyc 20160427
TotalDefense Tnega.XAPW!suspicious 20160426
TrendMicro TROJ_ARTIEF.NSA 20160427
TrendMicro-HouseCall TROJ_ARTIEF.NSA 20160427
VBA32 Exploit.MSWord.CVE-2014-1761.a 20160425
VIPRE Exploit.RTF.CVE-2014-1761.a (v) 20160427
ViRobot MSWord.A.EX-CVE-2014-1761.790048[h] 20160427
Yandex Exploit.CVE-2014-1761.A 20160426
Zillya Exploit.CVE.MacroWord.220 20160426
nProtect Exploit.CVE-2014-1761.A 20160426
AegisLab 20160426
Alibaba 20160427
Antiy-AVL 20160427
Baidu-International 20160426
Bkav 20160427
CMC 20160425
Kingsoft 20160427
Malwarebytes 20160427
Panda 20160426
Rising 20160427
SUPERAntiSpyware 20160427
TheHacker 20160426
Zoner 20160427
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Summary
Revision time
2014-03-08 03:09:00
Sidtbl
sid8596814sid8926214sid10110685
Author
ism{\\creatim\\yr2014\\mo3\\dy8\\hr3\\min9
Company
home{\\creatim\\yr2014\\mo3\\dy8\\hr3\\min9
3929
?;
Creation time
2014-03-08 03:09:00
Number of non whitespace characters
69
Operator
ismail - [2010]
Document properties
Non ascii characters
366022
Embedded drawings
20
Rtf header
rt
Read only protection
False
User protection
False
Default character set
ANSI (default)
Custom xml data properties
0
Dos stubs
0
Objects
OLE control (MSComctlLib.ImageComboCtl.2)
Embedded pictures
1
Longest hex string
16838
ExifTool file metadata
FileAccessDate
2015:02:17 16:20:22+01:00

FileCreateDate
2015:02:17 16:20:22+01:00

File identification
MD5 a2fe8f03adae711e1d3352ed97f616c7
SHA1 200f7930de8d44fc2b00516f79033408ca39d610
SHA256 e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a
ssdeep
12288:+/ONoJjU8KZXmr3itt76Zm743yQkb3RTZX5OEyWbhLro0UrttvNL7D3S:JeJjvMWpZm77pbBTcco0UrtzL7

File size 771.5 KB ( 790048 bytes )
File type Rich Text Format
Magic literal
data

TrID Unknown!
Tags
cve-2012-0158 ole-control exploit rtf cve-2014-1761

VirusTotal metadata
First submission 2014-04-01 14:49:08 UTC ( 2 years, 4 months ago )
Last submission 2015-06-19 14:01:37 UTC ( 1 year, 1 month ago )
File names e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a.bin
sample.doc
Word漏洞 CVE-2014-1761.RTF
Word漏洞 CVE-2014-1761.bin
CVE-2014-1761
vti-rescan
test.rtf
e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a
rtf.rt
e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a.docx
a2fe8f03adae711e1d3352ed97f616c7.doc
hjhp
e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a.bin.rtf
e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a from friends.bin
CVE-2014-1761.rtf
e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a.rtf
live_sample.rtf
Hombres Mercurio.doc
CVE-2014-1761.docx
1.doc
200f7930de8d44fc2b00516f79033408ca39d610_rtf.rt
file-6840075_rtf
ms14-17.doc
CVE2014_1761_e378eef9f4ea1511aa5e368cb0e52a8a68995000b8b1e6207717d9ed09e8555a.doc
a2fe8f03adae711e1d3352ed97f616c7.bin
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .
