× Cookies sú vypnuté! Aby táto stránka vyžaduje mať zapnuté cookies aby fungovala správne.
SHA256: 594bf62f52df202225eeda2903d5d7d2aa818e2b4d37085fc79704f7ac257969
Názov súboru: d6c7a690eac1009881ec6b43e09e3000_doc
Pomer detekcie: 6 / 61
Dátum analýzy: 2017-11-01 13:55:04 UTC ( pred 1 rok, 6 mesiacov ) Zobraziť posledné
Antivírus Výsledok Aktualizovať
eGambit Trojan.Generic 20171101
Fortinet VBA/Agent.EXE!tr 20171101
Ikarus Win32.Outbreak 20171101
Qihoo-360 virus.office.obfuscated.1 20171101
Symantec W97M.Downloader 20171101
Tencent Macro.Trojan.Dropperd.Auto 20171101
Ad-Aware 20171101
AegisLab 20171101
AhnLab-V3 20171101
Alibaba 20170911
ALYac 20171101
Antiy-AVL 20171101
Arcabit 20171101
Avast 20171101
Avast-Mobile 20171101
AVG 20171101
Avira (no cloud) 20171101
AVware 20171101
Baidu 20171101
BitDefender 20171101
Bkav 20171101
CAT-QuickHeal 20171101
ClamAV 20171031
CMC 20171101
Comodo 20171101
CrowdStrike Falcon (ML) 20171016
Cybereason 20171030
Cylance 20171101
Cyren 20171101
DrWeb 20171101
Emsisoft 20171101
Endgame 20171024
ESET-NOD32 20171101
F-Prot 20171101
F-Secure 20171101
GData 20171101
Sophos ML 20170914
Jiangmin 20171101
K7AntiVirus 20171101
K7GW 20171101
Kaspersky 20171101
Kingsoft 20171101
Malwarebytes 20171101
MAX 20171101
McAfee 20171031
McAfee-GW-Edition 20171101
Microsoft 20171101
eScan 20171101
NANO-Antivirus 20171101
nProtect 20171101
Palo Alto Networks (Known Signatures) 20171101
Panda 20171101
Rising 20171101
SentinelOne (Static ML) 20171019
Sophos AV 20171101
SUPERAntiSpyware 20171101
Symantec Mobile Insight 20171101
TheHacker 20171031
TotalDefense 20171101
TrendMicro 20171101
TrendMicro-HouseCall 20171101
Trustlook 20171101
VBA32 20171101
VIPRE 20171101
ViRobot 20171101
Webroot 20171101
WhiteArmor 20171024
Yandex 20171031
Zillya 20171101
ZoneAlarm by Check Point 20171101
Zoner 20171101
The file being studied follows the Compound Document File format! More specifically, it is a MS Word Document file.
Commonly abused properties
The studied file makes use of macros, a macro is a series of commands and instructions that you group together as a single command to accomplish a task automatically. Macros are often abused to perform malicious tasks when working with a document.
May create OLE objects.
Summary
last_author
user
creation_datetime
2017-11-01 12:53:00
revision_number
21
author
Longer
page_count
1
last_saved
2017-11-01 11:17:00
edit_time
840
word_count
93
template
Normal
application_name
Microsoft Office Word
character_count
534
code_page
Cyrillic
Document summary
line_count
4
company
diakov.net
characters_with_spaces
626
version
786432
paragraph_count
1
code_page
Cyrillic
OLE Streams
name
Root Entry
clsid
00020906-0000-0000-c000-000000000046
type_literal
root
clsid_literal
MS Word
sid
0
size
32000
type_literal
stream
sid
55
name
\x01CompObj
size
121
type_literal
stream
sid
5
name
\x05DocumentSummaryInformation
size
4096
type_literal
stream
sid
4
name
\x05SummaryInformation
size
4096
type_literal
stream
sid
2
name
1Table
size
6762
type_literal
stream
sid
1
name
Data
size
4096
type_literal
stream
sid
36
name
Macros/Itsk_birl/\x01CompObj
size
97
type_literal
stream
sid
37
name
Macros/Itsk_birl/\x03VBFrame
size
289
type_literal
stream
sid
34
name
Macros/Itsk_birl/f
size
219
type_literal
stream
sid
35
name
Macros/Itsk_birl/o
size
260
type_literal
stream
sid
41
name
Macros/Jikxibp/\x01CompObj
size
97
type_literal
stream
sid
42
name
Macros/Jikxibp/\x03VBFrame
size
292
type_literal
stream
sid
39
name
Macros/Jikxibp/f
size
239
type_literal
stream
sid
40
name
Macros/Jikxibp/o
size
224
type_literal
stream
sid
46
name
Macros/Ns_oari/\x01CompObj
size
97
type_literal
stream
sid
47
name
Macros/Ns_oari/\x03VBFrame
size
289
type_literal
stream
sid
44
name
Macros/Ns_oari/f
size
311
type_literal
stream
sid
45
name
Macros/Ns_oari/o
size
436
type_literal
stream
sid
54
name
Macros/PROJECT
size
1239
type_literal
stream
sid
53
name
Macros/PROJECTwm
size
458
type_literal
stream
sid
10
type
macro
name
Macros/VBA/Bibb_jjd_1
size
869
type_literal
stream
sid
12
type
macro
name
Macros/VBA/Ddavcnh
size
861
type_literal
stream
sid
13
type
macro
name
Macros/VBA/Fjonzvfk
size
1169
type_literal
stream
sid
14
type
macro
name
Macros/VBA/H_xuwnyhaeu
size
1977
type_literal
stream
sid
15
type
macro
name
Macros/VBA/Ipvu3
size
866
type_literal
stream
sid
16
type
macro (only attributes)
name
Macros/VBA/Itsk_birl
size
1173
type_literal
stream
sid
17
type
macro
name
Macros/VBA/Izpub
size
1040
type_literal
stream
sid
18
type
macro (only attributes)
name
Macros/VBA/Jikxibp
size
1172
type_literal
stream
sid
19
type
macro
name
Macros/VBA/Mfwe
size
900
type_literal
stream
sid
20
type
macro
name
Macros/VBA/Nmvjcslxp
size
1408
type_literal
stream
sid
21
type
macro
name
Macros/VBA/Ns_oari
size
1416
type_literal
stream
sid
23
type
macro
name
Macros/VBA/R_qycdzl6
size
1031
type_literal
stream
sid
8
type
macro
name
Macros/VBA/ThisDocument
size
1129
type_literal
stream
sid
24
type
macro (only attributes)
name
Macros/VBA/Vgnzhysbbc
size
1176
type_literal
stream
sid
26
name
Macros/VBA/_VBA_PROJECT
size
6389
type_literal
stream
sid
11
type
macro
name
Macros/VBA/bzi9
size
2783
type_literal
stream
sid
9
type
macro
name
Macros/VBA/cfup
size
915
type_literal
stream
sid
27
name
Macros/VBA/dir
size
1525
type_literal
stream
sid
22
type
macro
name
Macros/VBA/ouil
size
1660
type_literal
stream
sid
25
type
macro
name
Macros/VBA/ynacje_au
size
871
type_literal
stream
sid
51
name
Macros/Vgnzhysbbc/\x01CompObj
size
97
type_literal
stream
sid
52
name
Macros/Vgnzhysbbc/\x03VBFrame
size
291
type_literal
stream
sid
49
name
Macros/Vgnzhysbbc/f
size
283
type_literal
stream
sid
50
name
Macros/Vgnzhysbbc/o
size
292
type_literal
stream
sid
31
name
Macros/bzi9/\x01CompObj
size
97
type_literal
stream
sid
32
name
Macros/bzi9/\x03VBFrame
size
289
type_literal
stream
sid
29
name
Macros/bzi9/f
size
311
type_literal
stream
sid
30
name
Macros/bzi9/o
size
444
type_literal
stream
sid
3
name
WordDocument
size
4148
Macros and VBA code streams
[+] ThisDocument.cls Macros/VBA/ThisDocument 45 bytes
[+] cfup.bas Macros/VBA/cfup 68 bytes
[+] Bibb_jjd_1.bas Macros/VBA/Bibb_jjd_1 65 bytes
[+] bzi9.frm Macros/VBA/bzi9 769 bytes
[+] Ddavcnh.bas Macros/VBA/Ddavcnh 52 bytes
[+] Fjonzvfk.bas Macros/VBA/Fjonzvfk 203 bytes
[+] H_xuwnyhaeu.bas Macros/VBA/H_xuwnyhaeu 563 bytes
[+] Ipvu3.bas Macros/VBA/Ipvu3 66 bytes
[+] Izpub.bas Macros/VBA/Izpub 130 bytes
[+] Mfwe.bas Macros/VBA/Mfwe 65 bytes
[+] Nmvjcslxp.bas Macros/VBA/Nmvjcslxp 347 bytes
[+] Ns_oari.frm Macros/VBA/Ns_oari 89 bytes
create-ole
[+] ouil.bas Macros/VBA/ouil 507 bytes
[+] R_qycdzl6.bas Macros/VBA/R_qycdzl6 116 bytes
[+] ynacje_au.bas Macros/VBA/ynacje_au 48 bytes
ExifTool file metadata
SharedDoc
No

Author
Longer

HyperlinksChanged
No

LinksUpToDate
No

LastModifiedBy
user

HeadingPairs
Title, 1, , 1

Template
Normal

CharCountWithSpaces
626

CreateDate
2017:11:01 11:53:00

CompObjUserType
Microsoft Office Word 97-2003 Document

ModifyDate
2017:11:01 10:17:00

TitleOfParts
,

Company
diakov.net

Characters
534

CodePage
Windows Cyrillic

RevisionNumber
21

MIMEType
application/msword

Words
93

FileType
DOC

Lines
4

AppVersion
12.0

Security
None

Software
Microsoft Office Word

TotalEditTime
14.0 minutes

Pages
1

ScaleCrop
No

CompObjUserTypeLen
39

FileTypeExtension
doc

Paragraphs
1

File identification
MD5 d6c7a690eac1009881ec6b43e09e3000
SHA1 de1d5f111b1e350f917e476945e5b1b5bbddbcee
SHA256 594bf62f52df202225eeda2903d5d7d2aa818e2b4d37085fc79704f7ac257969
ssdeep
768:+WZxrr5o/C1USvV91p9ZP0yqsApx0Vgs+hePI9pUpqg8puGpjwpp:FVqMvV3HA9Gl80GC

Veľkosť súboru 72.0 KB ( 73728 bytes )
Typ súboru MS Word Document
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1251, Author: Longer, Template: Normal, Last Saved By: user, Revision Number: 21, Name of Creating Application: Microsoft Office Word, Total Editing Time: 14:00, Create Time/Date: Tue Oct 31 11:53:00 2017, Last Saved Time/Date: Tue Oct 31 10:17:00 2017, Number of Pages: 1, Number of Words: 93, Number of Characters: 534, Security: 0

TrID Microsoft Word document (80.0%)
Generic OLE2 / Multistream Compound File (20.0%)
Tags
macros create-ole attachment doc

VirusTotal metadata
First submission 2017-11-01 10:36:12 UTC ( pred 1 rok, 6 mesiacov )
Last submission 2018-05-07 20:30:15 UTC ( pred 1 rok )
Názov súborov: d6c7a690eac1009881ec6b43e09e3000.virobj
de1d5f111b1e350f917e476945e5b1b5bbddbcee
d6c7a690eac1009881ec6b43e09e3000_doc
__substg1.0_37010102
1024-de1d5f111b1e350f917e476945e5b1b5bbddbcee
d6c7a690eac1009881ec6b43e09e3000.doc
secure.doc
Žiadne komentáre. Žiaden člen VirusTotal komunity sa ešte nevyjadril. Buď prvý, kto sa vyjadrí!

Zanechať komentár...

?
Pridať komentár

Nie ste prihlásený. Iba registrovaný užívatelia môžu písať komentáre, príhlásiť sa a niečo zmeniť!

Žiadne hlasy. Nikto ešte nehlasoval. Buďte prvý kto tak urobí!