× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ea132c34ebbc591eda78531e2bfb9a4cb40e55a245191f54e82df25be9b58db2
File name: 1cb9a32af5b30aa26d6198c8b5c46168
Detection ratio: 9 / 60
Analysis date: 2017-10-19 10:14:07 UTC ( 1 year, 7 months ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.Downloader.DDE.Gen 20171019
BitDefender Trojan.Downloader.DDE.Gen 20171019
ClamAV Doc.Exploit.DDEautoexec-6348842-0 20171019
Emsisoft Trojan.Downloader.DDE.Gen (B) 20171019
F-Secure Trojan.Downloader.DDE.Gen 20171019
GData Trojan.Downloader.DDE.Gen 20171019
Ikarus Win32.Outbreak 20171019
MAX malware (ai score=81) 20171019
eScan Trojan.Downloader.DDE.Gen 20171019
AegisLab 20171019
AhnLab-V3 20171019
Alibaba 20170911
ALYac 20171019
Antiy-AVL 20171019
Arcabit 20171019
Avast 20171019
Avast-Mobile 20171019
AVG 20171019
Avira (no cloud) 20171019
AVware 20171019
Baidu 20171019
Bkav 20171019
CAT-QuickHeal 20171019
CMC 20171018
Comodo 20171019
CrowdStrike Falcon (ML) 20170804
Cylance 20171019
Cyren 20171019
eGambit 20171019
Endgame 20171016
ESET-NOD32 20171019
F-Prot 20171019
Fortinet 20171019
Sophos ML 20170914
Jiangmin 20171019
K7AntiVirus 20171019
K7GW 20171019
Kaspersky 20171019
Kingsoft 20171019
Malwarebytes 20171019
McAfee 20171019
McAfee-GW-Edition 20171018
Microsoft 20171018
NANO-Antivirus 20171019
nProtect 20171019
Palo Alto Networks (Known Signatures) 20171019
Panda 20171018
Qihoo-360 20171019
Rising 20171019
SentinelOne (Static ML) 20171001
Sophos AV 20171019
SUPERAntiSpyware 20171019
Symantec 20171019
Symantec Mobile Insight 20171011
Tencent 20171019
TheHacker 20171017
TotalDefense 20171019
TrendMicro 20171019
TrendMicro-HouseCall 20171019
Trustlook 20171019
VBA32 20171018
VIPRE 20171019
ViRobot 20171019
Webroot 20171019
WhiteArmor 20171016
Yandex 20171018
Zillya 20171019
ZoneAlarm by Check Point 20171019
Zoner 20171019
The file being studied follows the Open XML file format! More specifically, it is a Office Open XML Document file.
Content types
rels
xml
Package relationships
word/document.xml
docProps/app.xml
docProps/core.xml
Core document properties
dc:creator
1
cp:lastModifiedBy
alex
cp:revision
87
dcterms:created
2017-10-18T12:30:00Z
dcterms:modified
2017-10-19T09:42:00Z
Application document properties
Template
Normal
TotalTime
359
Pages
2
Words
34
Characters
199
Application
Microsoft Office Word
DocSecurity
0
Lines
1
Paragraphs
1
ScaleCrop
false
vt:lpstr
\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435
vt:i4
1
LinksUpToDate
false
CharactersWithSpaces
232
SharedDoc
false
HyperlinksChanged
false
AppVersion
16.0000
Document languages
Language
Prevalence
ru-ru
3
en-us
2
ar-sa
1
ExifTool file metadata
SharedDoc
No

HyperlinksChanged
No

LinksUpToDate
No

LastModifiedBy
alex

HeadingPairs
, 1

ZipFileName
[Content_Types].xml

Template
Normal

ZipRequiredVersion
20

ModifyDate
2017:10:19 09:42:00Z

ZipCRC
0x6cd2a4df

Words
34

ScaleCrop
No

RevisionNumber
87

MIMEType
application/vnd.openxmlformats-officedocument.wordprocessingml.document

ZipBitFlag
0x0006

CreateDate
2017:10:18 12:30:00Z

Lines
1

AppVersion
16.0

ZipUncompressedSize
1312

ZipCompressedSize
346

Characters
199

CharactersWithSpaces
232

DocSecurity
None

ZipModifyDate
1980:01:01 00:00:00

FileType
DOCX

Application
Microsoft Office Word

TotalEditTime
6.0 hours

ZipCompression
Deflated

Pages
2

Creator
1

FileTypeExtension
docx

Paragraphs
1

The file being studied is a compressed stream! Details about the compressed contents follow.
Contained files
Compression metadata
Contained files
11
Uncompressed size
57298
Highest datetime
2017-10-19 12:44:02
Lowest datetime
1980-01-01 00:00:00
Contained files by extension
xml
9
Contained files by type
XML
11
Compressed bundles
File identification
MD5 1cb9a32af5b30aa26d6198c8b5c46168
SHA1 53c715d90ba6eccbfde4d231c5f1c0280835c514
SHA256 ea132c34ebbc591eda78531e2bfb9a4cb40e55a245191f54e82df25be9b58db2
ssdeep
192:CtNCNMf8obL6bj9zJCvLecm8hhL46G0o2M8Uvnp3GlWZmTOeKfR6:aNSQmx1CTecm87XG0ogUh/UTtKfR6

File size 13.0 KB ( 13341 bytes )
File type Office Open XML Document
Magic literal
Zip archive data, at least v2.0 to extract

TrID Word Microsoft Office Open XML Format document (51.0%)
Open Packaging Conventions container (38.0%)
ZIP compressed archive (8.6%)
PrintFox/Pagefox bitmap (var. P) (2.1%)
Tags
docx attachment

VirusTotal metadata
First submission 2017-10-19 10:14:07 UTC ( 1 year, 7 months ago )
Last submission 2018-05-14 23:51:26 UTC ( 1 year ago )
File names I_187131.doc
I_842954.doc
I_058842.doc
2017_10_19_15_50_11.000854
I_153536.doc
I_442339.doc
I_421532.doc
I_279641.doc
I_632847.doc
I_552569.doc
I_495929.doc
I_564101.doc
I_749911.doc
I_818305.doc
I_409070.doc
I_330462.doc
I_569854.doc
eaa5d325c46622beba6fa184537e5a7d8d2022f5
I_152623.doc
I_326218.doc
I_741724.doc
I_545811.doc
I_433184.doc
I_568735.doc
I_618281.doc
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!