× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: fd8ed18547954c8355cef69167f01ebc65330ba585e24645beb977967a01e322
File name: Order0210177.doc
Detection ratio: 15 / 58
Analysis date: 2017-10-02 13:06:54 UTC ( 1 year, 7 months ago ) View latest
Antivirus Result Update
Arcabit Exploit.CVE-2017-0199.Gen 20171002
Baidu Win32.Exploit.CVE-2017-0199.c 20170930
BitDefender Exploit.CVE-2017-0199.Gen 20171002
ClamAV Rtf.Exploit.CVE_2017_0199-6331394-6 20171002
Emsisoft Exploit.CVE-2017-0199.Gen (B) 20171002
F-Secure Exploit.CVE-2017-0199.Gen 20171002
Fortinet MSWord/CVE20170199.A!exploit 20170929
GData Exploit.CVE-2017-0199.Gen 20171002
Kaspersky HEUR:Exploit.MSOffice.Generic 20171002
MAX malware (ai score=82) 20171002
eScan Exploit.CVE-2017-0199.Gen 20171002
NANO-Antivirus Exploit.Rtf.Heuristic-rtf.dinbqn 20171002
nProtect Downloader/RTF.CVE-2017-0199 20171002
Qihoo-360 virus.exp.20170199 20171002
ZoneAlarm by Check Point HEUR:Exploit.MSOffice.Generic 20171002
Ad-Aware 20171002
AegisLab 20171002
AhnLab-V3 20171002
Alibaba 20170911
ALYac 20171002
Antiy-AVL 20171002
Avast 20171002
Avast-Mobile 20171002
AVG 20171002
Avira (no cloud) 20171002
AVware 20171002
Bkav 20170928
CAT-QuickHeal 20170930
CMC 20171002
Comodo 20171002
CrowdStrike Falcon (ML) 20170804
Cylance 20171002
Cyren 20171002
DrWeb 20171002
Endgame 20170821
ESET-NOD32 20171002
F-Prot 20171002
Ikarus 20171002
Sophos ML 20170914
Jiangmin 20171002
K7AntiVirus 20171002
K7GW 20171002
Kingsoft 20171002
Malwarebytes 20171002
McAfee 20171002
McAfee-GW-Edition 20171002
Microsoft 20171002
Palo Alto Networks (Known Signatures) 20171002
Panda 20171002
SentinelOne (Static ML) 20171001
Sophos AV 20171002
SUPERAntiSpyware 20171002
Symantec 20171002
Symantec Mobile Insight 20170928
Tencent 20171002
TheHacker 20170928
TrendMicro 20171002
TrendMicro-HouseCall 20171002
Trustlook 20171002
VBA32 20171002
VIPRE 20171002
ViRobot 20171002
Webroot 20171002
WhiteArmor 20170927
Yandex 20170908
Zillya 20171002
Zoner 20171002
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Document properties
Non ascii characters
0
Embedded drawings
0
Rtf header
rtf9780321
Read only protection
False
User protection
False
Default character set
ANSI (default)
Custom xml data properties
0
Dos stubs
0
Objects
OLE autolink (\'57\'6F\'72\'64\'2E\'64\'4F\'63\'55\'4D\'45\'6E\'74\'2E\'32\'31\'36)
Embedded pictures
0
Longest hex string
63840
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

Warning
Unspecified RTF encoding. Will assume Latin

FileTypeExtension
rtf

File identification
MD5 affc190400ffffea1a3a83753754ba19
SHA1 92465b7a5cfd2de6a33738f5b9913f5e395e6931
SHA256 fd8ed18547954c8355cef69167f01ebc65330ba585e24645beb977967a01e322
ssdeep
1536:UtdIX2T+aJvxey+jxeGr/CsMnYPuDRbhv4jd:4IGT+KZey+8pY

File size 139.8 KB ( 143194 bytes )
File type Rich Text Format
Magic literal
Rich Text Format data, unknown version

TrID Rich Text Format (100.0%)
Tags
rtf cve-2017-11882 exploit ole-autolink cve-2017-0199 attachment

VirusTotal metadata
First submission 2017-10-02 13:06:54 UTC ( 1 year, 7 months ago )
Last submission 2018-05-12 23:56:38 UTC ( 1 year ago )
File names Order0210177.doc
ExifTool file metadata
MIMEType
text/rtf

FileType
RTF

Warning
Unspecified RTF encoding. Will assume Latin

FileTypeExtension
rtf

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!