SHA256: fa844a6e9d3c673ff349e6f72639f1370503dfc6d863706ca2cd787d496df39e
File name: fa844a6e9d3c673ff349e6f72639f1370503dfc6d863706ca2cd787d496df39e
Detection ratio: 20 / 58
Analysis date: 2019-01-14 03:52:12 UTC ( 2 months ago )
Antivirus Result Update
AhnLab-V3 RTF/Malform-C.Gen 20190113
Antiy-AVL Trojan[Exploit]/RTF.Obscure.Gen 20190113
Avast RTF:Downloader-J [Expl] 20190114
AVG RTF:Downloader-J [Expl] 20190114
CAT-QuickHeal Exp.RTF.Obfus.Gen 20190113
Cyren CVE-2017-11882.C.gen!Camelot 20190114
DrWeb Exploit.Rtf.CVE2012-0158 20190114
ESET-NOD32 a variant of Generik.GKRJFXB 20190113
Fortinet MSOffice/CVE_2017_11882.B!exploit 20190114
Ikarus Exploit.CVE-2017-11882 20190114
Jiangmin heur:Exploit.ShellCode.Gen 20190114
Kaspersky HEUR:Exploit.MSOffice.Generic 20190114
McAfee Exploit-CVE2017-11882.bq 20190114
McAfee-GW-Edition Exploit-CVE2017-11882.bq 20190114
NANO-Antivirus Exploit.Rtf.Heuristic-rtf.dinbqn 20190113
Qihoo-360 heur.rtf.obfuscated.1 20190114
Sophos AV Troj/RtfExp-ES 20190113
Symantec Bloodhound.RTF.12 20190113
TrendMicro HEUR_RTFMALFORM 20190113
ZoneAlarm by Check Point HEUR:Exploit.MSOffice.Generic 20190114
Acronis 20190111
Ad-Aware 20190114
AegisLab 20190113
Alibaba 20180921
ALYac 20190114
Arcabit 20190114
Avast-Mobile 20190113
Avira (no cloud) 20190113
Babable 20180918
Baidu 20190111
BitDefender 20190114
Bkav 20190108
ClamAV 20190114
CMC 20190113
Comodo 20190114
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
Cylance 20190114
eGambit 20190114
Emsisoft 20190114
Endgame 20181108
F-Prot 20190114
F-Secure 20190111
GData 20190114
Sophos ML 20181128
K7AntiVirus 20190113
K7GW 20190113
Kingsoft 20190114
Malwarebytes 20190114
MAX 20190114
Microsoft 20190114
eScan 20190113
Palo Alto Networks (Known Signatures) 20190114
Panda 20190113
Rising 20190113
SentinelOne (Static ML) 20181223
SUPERAntiSpyware 20190109
TACHYON 20190113
Tencent 20190114
TheHacker 20190113
TotalDefense 20190113
Trapmine 20190103
TrendMicro-HouseCall 20190113
Trustlook 20190114
VBA32 20190111
VIPRE 20190113
ViRobot 20190113
Webroot 20190114
Yandex 20190111
Zillya 20190111
Zoner 20190114
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters
0
Embedded drawings
48
Rtf header
rtf1
Longest hex string
17799
Generator
Microsoft Word 11.0.5604
Read only protection
False
User protection
False
Default character set
ANSI (default)
Custom xml data properties
0
Dos stubs
0
Objects
OLE embedded (\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C{\unknowntype1234567890\shad {\defpap Deutsche)
OLE embedded (\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C\'1C{\unknowntype1234567890\shad {\defpap Deutsche)
Embedded pictures
0
Default languages
English - United States
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

Warning
Unspecified RTF encoding. Will assume Latin

FileTypeExtension
rtf

File identification
MD5 ca94b14df3106b3fc28be395e0dd558e
SHA1 987d1972da6de5b2d290da7c6c0400f910d4ce9b
SHA256 fa844a6e9d3c673ff349e6f72639f1370503dfc6d863706ca2cd787d496df39e
ssdeep
1536:rCKEi8M52TrBLQSuKS9ViLN31TEVCd0QhLkPaG7ijhFNpw7EuVM6krbghN2Unk+H:e0d

File size 84.0 KB ( 86003 bytes )
File type Rich Text Format
Magic literal
Rich Text Format data, version 1, unknown character set

TrID Rich Text Format (100.0%)
Tags
cve-2012-0158 ole-embedded exploit rtf cve-2017-11882

VirusTotal metadata
First submission 2019-01-14 03:52:12 UTC ( 2 months ago )
Last submission 2019-01-14 03:52:12 UTC ( 2 months ago )