| SHA256: | c884712b924af42a0c22c387a5ed811e03f9c0748a0625c19c143f33b0834452 |
| ფაილის სახელი: | FTC_kelly.doc |
| დაფიქსირების შეფარდება: | 5 / 56 |
| ანალიზის თარიღი: | 2017-04-17 17:46:31 UTC ( 3 თვე, 1 კვირა-ის წინ ) ბოლო |
| ანტივირუსი | შედეგები | განახლება |
|---|---|---|
| DrWeb | modification of W97M.Suspicious.1 | 20170417 |
| Fortinet | WM/Agent.JU!tr | 20170417 |
| McAfee | W97M/Dropper.da | 20170417 |
| McAfee-GW-Edition | W97M/Dropper.da | 20170417 |
| Qihoo-360 | virus.office.qexvmc.1065 | 20170417 |
| Ad-Aware | 20170417 | |
| AegisLab | 20170417 | |
| AhnLab-V3 | 20170417 | |
| Alibaba | 20170417 | |
| ALYac | 20170417 | |
| Antiy-AVL | 20170417 | |
| Arcabit | 20170417 | |
| Avast | 20170417 | |
| AVG | 20170417 | |
| Avira (no cloud) | 20170417 | |
| AVware | 20170417 | |
| Baidu | 20170417 | |
| BitDefender | 20170417 | |
| Bkav | 20170415 | |
| CAT-QuickHeal | 20170417 | |
| ClamAV | 20170417 | |
| CMC | 20170417 | |
| Comodo | 20170417 | |
| CrowdStrike Falcon (ML) | 20170130 | |
| Cyren | 20170417 | |
| Emsisoft | 20170417 | |
| Endgame | 20170413 | |
| ESET-NOD32 | 20170417 | |
| F-Prot | 20170417 | |
| F-Secure | 20170417 | |
| GData | 20170417 | |
| Ikarus | 20170417 | |
| Sophos ML | 20170413 | |
| Jiangmin | 20170417 | |
| K7AntiVirus | 20170417 | |
| K7GW | 20170417 | |
| Kaspersky | 20170417 | |
| Kingsoft | 20170417 | |
| Malwarebytes | 20170417 | |
| Microsoft | 20170417 | |
| eScan | 20170417 | |
| NANO-Antivirus | 20170416 | |
| nProtect | 20170417 | |
| Palo Alto Networks (Known Signatures) | 20170417 | |
| Panda | 20170417 | |
| Rising | 20170417 | |
| SentinelOne (Static ML) | 20170330 | |
| Sophos AV | 20170417 | |
| SUPERAntiSpyware | 20170417 | |
| Symantec | 20170417 | |
| Symantec Mobile Insight | 20170414 | |
| Tencent | 20170417 | |
| TheHacker | 20170416 | |
| TrendMicro | 20170417 | |
| TrendMicro-HouseCall | 20170417 | |
| Trustlook | 20170417 | |
| VBA32 | 20170417 | |
| VIPRE | 20170417 | |
| ViRobot | 20170417 | |
| Webroot | 20170417 | |
| WhiteArmor | 20170409 | |
| Yandex | 20170417 | |
| Zillya | 20170414 | |
| ZoneAlarm by Check Point | 20170417 | |
| Zoner | 20170417 |
The file being studied follows the Compound Document File format!
More specifically, it is a MS Word Document file.
Commonly abused properties
The studied file makes use of macros, a macro is a series of commands
and instructions that you group together as a single command to accomplish a task automatically.
Macros are often abused to perform malicious tasks when working with a document.
May execute code from Dynamically Linked Libraries.
Summary
last_author
admin
creation_datetime
2017-04-17 10:17:00
author
White
title
page_count
1
last_saved
2017-04-17 10:22:00
edit_time
180
word_count
250
revision_number
4
application_name
Microsoft Office Word
character_count
1426
security
8
code_page
Cyrillic
template
Normal
Document summary
byte_count
11000
characters_with_spaces
1673
line_count
11
version
730895
paragraph_count
3
code_page
Cyrillic
OLE Streams
Macros and VBA code streams
ExifTool file metadata
SharedDoc
No
Author
White
CodePage
Windows Cyrillic
LinksUpToDate
No
LastModifiedBy
admin
HeadingPairs
, 1
Template
Normal
CharCountWithSpaces
1673
CreateDate
2017:04:17 09:17:00
CompObjUserType
???????? Microsoft Office Word
ModifyDate
2017:04:17 09:22:00
HyperlinksChanged
No
Characters
1426
ScaleCrop
No
RevisionNumber
4
MIMEType
application/msword
Words
250
Bytes
11000
FileType
DOC
Lines
11
AppVersion
11.9999
Security
Locked for annotations
Software
Microsoft Office Word
TotalEditTime
3.0 minutes
Pages
1
CompObjUserTypeLen
31
FileTypeExtension
doc
Paragraphs
3
Compressed bundles
File identification
MD5 5d05405bc55702acc7784e30c9dac56e
SHA1 da6be008dc8443e57d9364397e84f247cc859959
SHA256 c884712b924af42a0c22c387a5ed811e03f9c0748a0625c19c143f33b0834452
ssdeep
3072:8T+57zn6BGMjmVNKe5Y7OnPOyqHPnyeachEh46mIJ0cZNF8RF8:8T+5q8MBe5VO/vnyeaYEh46zXNFYF
File size
163.0 კბ ( 166912 bytes )
File type MS Word Document
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1251, Title: , Author: White, Template: Normal, Last Saved By: admin, Revision Number: 4, Name of Creating Application: Microsoft Office Word, Total Editing Time: 03:00, Create Time/Date: Sun Apr 16 09:17:00 2017, Last Saved Time/Date: Sun Apr 16 09:22:00 2017, Number of Pages: 1, Number of Words: 250, Number of Characters: 1426, Security: 8
| TrID |
Microsoft Word document (80.0%) Generic OLE2 / Multistream Compound File (20.0%) |
Tags
macros
run-dll
exe-pattern
doc
VirusTotal metadata
First submission
2017-04-17 14:32:14 UTC ( 3 თვე, 1 კვირა-ის წინ )
Last submission
2017-07-22 06:52:27 UTC ( 4 დღე, 15 საათი-ის წინ )
| ფაილის სახელები |
FTC_i.rzayev.doc FTC_daniel.v.snyder.doc FTC_jeroen.murre.doc FTC_jennie.r.sadosky.doc FTC_nicole.kinskofer.doc FTC_saltman.doc FTC_skr-gst.doc FTC_autumn.b.humphrey.doc FTC_dano.doc FTC_schan.doc FTC_birgitta.danielson.doc FTC_thorsdal.doc FTC_kyoko.yokoyama.doc FTC_michelle.soliz.doc FTC_briley.doc FTC_dennis.healy.doc FTC_karasvn.doc FTC_bethany.aiardo.doc FTC_yoyaku.doc FTC_woodhaml.doc FTC_sbakos.doc FTC_helpdesk.bstl.doc FTC_bruce.weaver.doc FTC_lholbeche.doc FTC_joel.butler.doc |
კომენტარები არაა.
ვირუსტოტალის წევრებს არ დაუტოვებიათ კომენტარი, იყავი პირველი!
თქვენ არ შესულხართ სისტემაში მხოლოდ დარეგისტრირებულ წევრებს შეუძლიათ კომენტარის დატოვება. დარეგისტრირდით რათა გქონდეთ თქვენი ხმა,
შეფასებები არ არის.
ეს ფაილი არავის შეუფასებია, იყავი პირველი!