× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e7671740298c5af7c38f599f17a8516180681fb48fd4fb9ac977b1257282219d
File name: PROGRAM DRAFT.doc
Detection ratio: 32 / 50
Analysis date: 2014-02-23 15:32:11 UTC ( 1 month, 3 weeks ago )
Antivirus Result Update
AVG Exploit.CVE-2009-0563 20140223
Ad-Aware Exploit.CVE-2009-0563.Gen 20140223
AhnLab-V3 Dropper/Ms09-027 20140223
AntiVir EXP/Word.Exploit.Gen 20140223
Antiy-AVL Trojan[Exploit]/Office.CVE-2009-0563.a 20140219
Avast MacOS:CallMe-F [Trj] 20140223
BitDefender Exploit.CVE-2009-0563.Gen 20140223
ClamAV Osx.Exploit.CVE_2009_0563 20140223
Commtouch Exploit/WRD.gen 20140223
Comodo UnclassifiedMalware 20140223
DrWeb Exploit.MS09-027.3 20140223
ESET-NOD32 Win32/Exploit.CVE-2009-0563.A 20140223
Emsisoft Exploit.CVE-2009-0563.Gen (B) 20140223
F-Prot Exploit/WRD.gen 20140223
F-Secure Exploit:OSX/MS09027.A 20140223
Fortinet MSWord/CVE20090563.A!exploit 20140222
GData Exploit.CVE-2009-0563.Gen 20140223
Ikarus Exploit.Win32.MS09 20140223
K7AntiVirus Exploit ( 6193ccb60 ) 20140221
Kaspersky Exploit.OSX.CVE-2009-0563.a 20140223
McAfee-GW-Edition Heuristic.BehavesLike.Exploit.W97.CodeExec.O 20140223
MicroWorld-eScan Exploit.CVE-2009-0563.Gen 20140223
Microsoft Exploit:Win32/MS09-027 20140223
NANO-Antivirus Exploit.MSWord.CVE-2009-0563.cfdhsc 20140223
Norman CVE_2009_0563.A 20140223
Rising DOC:Attention.APT-Bait.MaliciousFile/Heur!1.9DC3 20140223
Sophos Troj/DocOSXDr-B 20140223
Symantec Bloodhound.Olemacho 20140223
TrendMicro TROJ_MDROP.OSX 20140223
VIPRE Exploit.Win32.MS09027.a (v) 20140223
ViRobot DOC.S.CVE-2009-0563.204010 20140223
nProtect Exploit.CVE-2009-0563.Gen 20140223
Agnitum 20140223
Baidu-International 20140223
Bkav 20140222
ByteHero 20140223
CAT-QuickHeal 20140223
CMC 20140220
Jiangmin 20140223
K7GW 20140220
Kingsoft 20140223
Malwarebytes 20140223
McAfee 20140223
Panda 20140223
Qihoo-360 20140223
SUPERAntiSpyware 20140222
TheHacker 20140222
TotalDefense 20140223
TrendMicro-HouseCall 20140223
VBA32 20140221
The file being studied is a Microsoft Office document! More specifically, it is a MS Word Document file.
Summary
last_author
IUHRDF
creation_datetime
2010-08-22 11:37:00
template
Normal.dotm
author
IUHRDF
page_count
1
last_saved
2010-08-22 11:37:00
revision_number
2
application_name
Microsoft Office Word
code_page
Arabic
Document summary
line_count
1
paragraph_count
1
version
786432
code_page
Arabic
OLE Streams
kids
\\x01CompObj, \\x05DocumentSummaryInformation, \\x05SummaryInformation, 1Table, Data, WordDocument
name
Root Entry
clsid
00020906-0000-0000-c000-000000000046
type_literal
root
clsid_literal
MS Word
size
128
type_literal
stream
md5
f716ba7502cd102ffe5ef73a0f6ef358
entropy
0.247189879286
name
Data
size
4096
type_literal
stream
md5
55fa381979c6595261a95f4f53632c2f
entropy
5.98897825892
name
1Table
size
6373
type_literal
stream
md5
5899ca9d9c8b14e6232e55fae3d05146
entropy
2.57300796927
name
WordDocument
size
4096
type_literal
stream
md5
d193246bb84212d8de255ee4bb4125e3
entropy
0.466635125335
name
\\x05SummaryInformation
size
4096
type_literal
stream
md5
9cc5c3cf87eb237b55ac7b377a54649d
entropy
0.303303914687
name
\\x05DocumentSummaryInformation
size
4096
type_literal
stream
md5
fdd55237cb3827facd544771c4d3b939
entropy
4.36374049783
name
\\x01CompObj
size
121
ExifTool file metadata
SharedDoc
No

Author
IUHRDF

CodePage
Windows Arabic

LinksUpToDate
No

LastModifiedBy
IUHRDF

HeadingPairs
Title, 1

Template
Normal.dotm

CharCountWithSpaces
0

CreateDate
2010:08:22 10:37:00

CompObjUserType
Microsoft Office Word 97-2003 Document

ModifyDate
2010:08:22 10:37:00

HyperlinksChanged
No

Characters
0

ScaleCrop
No

RevisionNumber
2

MIMEType
application/msword

Words
0

FileType
DOC

Lines
1

AppVersion
12.0

FileAccessDate
2014:02:23 16:32:32+01:00

Security
None

FileCreateDate
2014:02:23 16:32:32+01:00

Software
Microsoft Office Word

TotalEditTime
0

Pages
1

CompObjUserTypeLen
39

Paragraphs
1

File identification
MD5 ee84c5d626bf8450782f24fd7d2f3ae6
SHA1 92adf2ac068c119c4ad61fbb86b76749173c6a42
SHA256 e7671740298c5af7c38f599f17a8516180681fb48fd4fb9ac977b1257282219d
ssdeep
3072:iOT9JqaOge1SFhvkv71bIN666nPKKDDtqRa3REW+obsXD:hOg3pkvJIcdnPKKDDtqIREW+CU

File size 199.2 KB ( 204010 bytes )
File type MS Word Document
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 6.0, Code page: 1256, Author: IUHRDF, Template: Normal.dotm, Last Saved By: IUHRDF, Revision Number: 2, Name of Creating Application: Microsoft Office Word, Create Time/Date: Sat Aug 21 10:37:00 2010, Last Saved Time/Date: Sat Aug 21 10:37:00 2010, Number of Pages: 1, Number of Words: 0, Number of Characters: 0, Security: 0

TrID Microsoft Word document (80.0%)
Generic OLE2 / Multistream Compound File (20.0%)
Tags
doc exploit cve-2009-0563

VirusTotal metadata
First submission 2013-04-11 02:02:37 UTC ( 1 year ago )
Last submission 2013-06-26 15:10:26 UTC ( 9 months, 3 weeks ago )
File names PROGRAM DRAFT.doc
poadasjkdasuodrr.doc
file-5420024_doc
vti-rescan
e7671740298c5af7c38f599f17a8516180681fb48fd4fb9ac977b1257282219d
ee84c5d626bf8450782f24fd7d2f3ae6
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!