× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f0fdbf09d4a6f7301af1d687916cae133ed2265d9eb4cb73ec76edb1440e45cd
File name: 238219329108.doc
Detection ratio: 17 / 56
Analysis date: 2019-01-30 15:28:07 UTC ( 3 months, 3 weeks ago ) View latest
Antivirus Result Update
Ad-Aware VB.EmoDldr.11.Gen 20190130
Avast Script:SNH-gen [Trj] 20190130
AVG Script:SNH-gen [Trj] 20190130
BitDefender VB.EmoDldr.11.Gen 20190130
F-Secure VB.EmoDldr.11.Gen 20190130
Fortinet VBA/Agent.MJN!tr.dldr 20190130
GData VB.EmoDldr.11.Gen 20190130
Ikarus Win32.Outbreak 20190130
Microsoft Trojan:Script/Foretype.A!ml 20190130
eScan VB.EmoDldr.11.Gen 20190130
NANO-Antivirus Trojan.Ole2.Vbs-heuristic.druvzi 20190130
Qihoo-360 virus.office.qexvmc.1065 20190130
TACHYON Suspicious/XML.Obfus.Gen.6 20190130
Tencent Heur.Macro.Generic.Gen.h 20190130
TrendMicro HEUR_VBA.O.ELBP 20190130
ZoneAlarm by Check Point HEUR:Trojan-Downloader.Script.Generic 20190130
Zoner Probably MacroXML 20190128
Acronis 20190128
AegisLab 20190130
AhnLab-V3 20190130
Alibaba 20180921
ALYac 20190130
Antiy-AVL 20190130
Arcabit 20190130
Avast-Mobile 20190130
Avira (no cloud) 20190130
Babable 20180918
Baidu 20190130
Bkav 20190130
CAT-QuickHeal 20190130
ClamAV 20190130
CMC 20190130
Comodo 20190130
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190130
Cyren 20190130
DrWeb 20190130
eGambit 20190130
Emsisoft 20190130
Endgame 20181108
ESET-NOD32 20190130
F-Prot 20190130
Sophos ML 20181128
Jiangmin 20190130
K7AntiVirus 20190130
K7GW 20190130
Kaspersky 20190130
Kingsoft 20190130
Malwarebytes 20190130
MAX 20190130
McAfee 20190130
McAfee-GW-Edition 20190130
Palo Alto Networks (Known Signatures) 20190130
Panda 20190130
Rising 20190130
SentinelOne (Static ML) 20190124
Sophos AV 20190130
SUPERAntiSpyware 20190123
Symantec 20190130
TheHacker 20190129
Trapmine 20190123
TrendMicro-HouseCall 20190130
Trustlook 20190130
VBA32 20190130
ViRobot 20190130
Webroot 20190130
Yandex 20190129
Zillya 20190130
File identification
MD5 fc0779693b2df15c604031bbaa3e1be2
SHA1 a021c9c726143e3b12a6454669c53e49ec7aff57
SHA256 f0fdbf09d4a6f7301af1d687916cae133ed2265d9eb4cb73ec76edb1440e45cd
ssdeep
3072:ZtUxagq58ghpPyjL/xSu90OoiLuDKZXfwKeljR1C:ZtUxagqOgvPAxUOmD+XfwLu

File size 227.8 KB ( 233219 bytes )
File type XML
Magic literal
XML document text

TrID Microsoft Office XML Flat File Format Word Document (ASCII) (65.1%)
Microsoft Office XML Flat File Format (ASCII) (31.0%)
Generic XML (ASCII) (2.3%)
HyperText Markup Language (1.4%)
Tags
xml

VirusTotal metadata
First submission 2019-01-30 14:37:49 UTC ( 3 months, 3 weeks ago )
Last submission 2019-02-05 07:13:52 UTC ( 3 months, 2 weeks ago )
File names 23856006350647731.doc
US29356941911754359890.doc
output.115112887.txt
100408369571557.doc
VXZ83500438827719.doc
US912200296.doc
EIN_365951077.doc
ACH_Payment_74189536040.doc
910674166731871.doc
US58490753159.doc
EIN_ACH_07437222005728739976.doc
EIN_21740419065188966343.doc
223530902493077010.doc
238219329108.doc
emotet_e2_f0fdbf09d4a6f7301af1d687916cae133ed2265d9eb4cb73ec76edb1440e45cd_2019-01-30__144003.doc
5313793379.doc
461359428599144651.doc
ExifTool file metadata
WordDocumentFontsFontPitchVal
variable

WordDocumentBodySectPRPictShapeType
#_x0000_t75

WordDocumentBodySectPRPictShapeStyle
width:468pt;height:349.5pt;visibility:visible;mso-wrap-style:square

WordDocumentDocumentPropertiesCharacters
7

WordDocumentBodySectSectPrPgMarBottom
1440

WordDocumentStylesStyleNameVal
Normal

WordDocumentStylesStyleRPrLangBidi
AR-SA

WordDocumentBodySectPRPictShapetypeId
_x0000_t75

MIMEType
application/xml

WordDocumentStylesStyleTblPrTblCellMarTopType
dxa

WordDocumentBodySectPRPictShapeSpid
_x0000_i1025

WordDocumentStylesStyleRsidVal
005A24B1

WordDocumentBodySectPRPictShapetypePathConnecttype
rect

WordDocumentBodySectSectPrPgMarRight
1440

WordDocumentShapeDefaultsShapelayoutIdmapExt
edit

WordDocumentBodySectPRPictShapetypePathExtrusionok
f

WordDocumentShapeDefaultsShapedefaultsExt
edit

WordDocumentBodySectPRPictShapeId
Picture 1

WordDocumentStylesStyleTblPrTblCellMarRightType
dxa

WordDocumentFontsFontName
Times New Roman

WordDocumentBodySectPRPictShapetypeFormulasFEqn
if lineDrawn pixelLineWidth 0

WordDocumentStylesStyleTblPrTblCellMarTopW
0

WordDocumentFontsDefaultFontsCs
Times New Roman

WordDocumentBodySectPRPictShapetypeLockAspectratio
t

WordDocumentStylesStylePPrSpacingLine
259

WordDocumentDocSuppDataBinDataName
ajhlo

WordDocumentDocPrZoomPercent
100

WordDocumentBodySectSectPrPgSzH
15840

WordDocumentFontsDefaultFontsAscii
Calibri

WordDocumentStylesStyleStyleId
Normal

WordDocumentBodySectSectPrPgSzW
12240

WordDocumentBodySectPRPictShapetypePreferrelative
t

WordDocumentStylesStylePPrSpacingAfter
160

WordDocumentOcxPresent
no

WordDocumentStylesStyleTblPrTblIndType
dxa

WordDocumentDocPrRsidsRsidRootVal
005E6EE1

WordDocumentDocumentPropertiesLastSaved
2019:01:30 14:24:00Z

WordDocumentBodySectPRPictShapetypeLockExt
edit

WordDocumentBodySectSectPrPgMarLeft
1440

WordDocumentBodySectSectPrColsSpace
720

FileType
XML

WordDocumentDocumentPropertiesPages
1

WordDocumentStylesLatentStylesLsdExceptionName
Normal

WordDocumentStylesStyleTblPrTblCellMarRightW
108

WordDocumentDocPrDefaultTabStopVal
720

WordDocumentDocumentPropertiesRevision
1

WordDocumentBodySectSectPrPgMarFooter
720

WordDocumentDocumentPropertiesTotalTime
0

WordDocumentBodySectSectPrPgMarTop
1440

WordDocumentStylesStyleUiNameVal
Table Normal

WordDocumentBodySectSectPrPgMarHeader
720

WordDocumentDocumentPropertiesParagraphs
1

WordDocumentBodySectPRRsidRPr
00DD58A5

WordDocumentBodySectPRsidR
00CF6451

WordDocumentBodySectPRPictShapetypeStroked
f

WordDocumentBodySectPRPictShapetypeCoordsize
21600,21600

WordDocumentDocPrCharacterSpacingControlVal
DontCompress

WordDocumentEmbeddedObjPresent
no

WordDocumentStylesStyleRPrRFontsAscii
Tahoma

WordDocumentStylesVersionOfBuiltInStylenamesVal
7

WordDocumentIgnoreSubtreeVal
http://schemas.microsoft.com/office/word/2003/wordml/sp2

WordDocumentBodySectPRPictBinData
(Binary data 145376 bytes, use -b option to extract)

WordDocumentStylesStyleTblPrTblCellMarBottomType
dxa

WordDocumentFontsFontCharsetVal
00

WordDocumentDocumentPropertiesLines
1

WordDocumentStylesStyleTblPrTblCellMarBottomW
0

WordDocumentStylesLatentStylesDefLockedState
off

WordDocumentDocPrRsidsRsidVal
005A24B1

WordDocumentBodySectPRPictShapetypeFilled
f

WordDocumentBodySectPRPictShapeImagedataSrc
wordml://uvbzzoptfpum

WordDocumentBodySectPRPictShapetypeStrokeJoinstyle
miter

WordDocumentDocumentPropertiesCharactersWithSpaces
7

WordDocumentStylesStyleLinkVal
BalloonTextChar

WordDocumentStylesLatentStylesLatentStyleCount
375

WordDocumentDocPrAlwaysShowPlaceholderTextVal
off

WordDocumentBodySectPRPictShapetypePath
m@4@5l@4@11@9@11@9@5xe

WordDocumentDocumentPropertiesCreated
2019:01:30 14:24:00Z

WordDocumentStylesStyleRPrRFontsCs
Tahoma

WordDocumentBodySectSectPrPgMarGutter
0

WordDocumentDocPrViewVal
print

WordDocumentBodySectPRsidRDefault
00CF6451

WordDocumentStylesStyleTblPrTblCellMarLeftW
108

WordDocumentMacrosPresent
yes

WordDocumentFontsFontFamilyVal
Roman

WordDocumentStylesStyleRPrLangVal
EN-US

WordDocumentDocumentPropertiesWords
1

WordDocumentStylesStyleTblPrTblIndW
0

WordDocumentFontsDefaultFontsFareast
Calibri

WordDocumentStylesStyleRPrSzVal
22

FileTypeExtension
xml

WordDocumentShapeDefaultsShapelayoutExt
edit

WordDocumentBodySectPRPictShapetypePathGradientshapeok
t

WordDocumentStylesStyleRPrLangFareast
EN-US

WordDocumentShapeDefaultsShapedefaultsSpidmax
1026

WordDocumentStylesStyleBasedOnVal
Normal

WordDocumentBodySectPRPictBinDataName
wordml://uvbzzoptfpum

WordDocumentBodySectSectPrRsidR
005E6EE1

WordDocumentDocPrPixelsPerInchVal
120

WordDocumentDocPrIgnoreMixedContentVal
off

WordDocumentBodySectPRPictShapetypeSpt
75

WordDocumentStylesStyleRPrFontVal
Calibri

WordDocumentStylesStyleTblPrTblCellMarLeftType
dxa

WordDocumentDocPrSaveInvalidXMLVal
off

WordDocumentDocumentPropertiesVersion
16

WordDocumentStylesStyleDefault
on

WordDocumentShapeDefaultsShapelayoutIdmapData
1

WordDocumentStylesStyleType
paragraph

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!