× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 088ae293274a384ad666aa96016255bb8fa8bd7d8f144bac15819f14600d0b64
File name: India deploys world_s largest military transport plane.dc
Detection ratio: 34 / 57
Analysis date: 2015-09-17 11:15:12 UTC ( 2 years, 5 months ago )
Antivirus Result Update
Ad-Aware Exploit.CVE-2012-0158.Gen 20150917
Yandex Exploit.CVE-2012-0158.J 20150916
AhnLab-V3 DOC/Ratbolo 20150916
ALYac Exploit.CVE-2012-0158.Gen 20150917
Antiy-AVL Trojan[Exploit]/MSWord.CVE-2012-0158.di 20150917
Arcabit Exploit.CVE-2012-0158.Gen 20150917
Avast MO97:ShellCode-AM [Expl] 20150917
AVG Exploit_c.ACAA 20150917
AVware LooksLike.OLE.Malware.a (v) 20150917
BitDefender Exploit.CVE-2012-0158.Gen 20150917
CAT-QuickHeal Exp.OLE.CVE-2012-0158.AA 20150916
Cyren Exploit/WRD.gen 20150917
Emsisoft Exploit.CVE-2012-0158.Gen (B) 20150917
F-Prot Exploit/WRD.gen 20150917
F-Secure Exploit.CVE-2012-0158.Gen 20150917
Fortinet MSWord/Toolbar.A!exploit 20150917
GData Exploit.CVE-2012-0158.Gen 20150917
Ikarus Exploit.MSWord.Agent 20150917
Jiangmin Exploit.CVE-2012-0158.Gen 20150916
Kaspersky Exploit.MSWord.CVE-2012-0158.di 20150917
McAfee Exploit-MSWord!7D775A39ECD5 20150917
McAfee-GW-Edition Exploit-MSWord!7D775A39ECD5 20150916
Microsoft Exploit:Win32/Ratbolo 20150917
eScan Exploit.CVE-2012-0158.Gen 20150917
NANO-Antivirus Exploit.ComObj.CVE-2012-0158.hzuf 20150917
nProtect Exploit.CVE-2012-0158.Gen 20150917
Qihoo-360 virus.exp.20120158 20150917
Rising NORMAL:Hack.Exploit.CVE-2012-0158.d!1612165[F1] 20150916
Sophos AV Troj/DocDrop-BE 20150917
Symantec Trojan.Mdropper 20150916
Tencent Exploit.WORD.CVE-2012-0158.A 20150917
TrendMicro TROJ_MDROP.XXTYN 20150917
TrendMicro-HouseCall TROJ_MDROP.XXTYN 20150917
VIPRE LooksLike.OLE.Malware.a (v) 20150917
AegisLab 20150917
Alibaba 20150917
Avira (no cloud) 20150917
Baidu-International 20150917
Bkav 20150917
ByteHero 20150917
ClamAV 20150917
CMC 20150916
Comodo 20150917
DrWeb 20150917
ESET-NOD32 20150917
K7AntiVirus 20150917
K7GW 20150917
Kingsoft 20150917
Malwarebytes 20150917
Panda 20150916
SUPERAntiSpyware 20150917
TheHacker 20150916
TotalDefense 20150917
VBA32 20150916
ViRobot 20150917
Zillya 20150916
Zoner 20150917
The file being studied follows the Compound Document File format! More specifically, it is a MS Word Document file.
Summary
last_author
Tran Duy Linh
creation_datetime
2012-11-23 05:35:00
template
Normal.dotm
author
Tran Duy Linh
page_count
1
last_saved
2012-11-23 05:39:00
edit_time
240
word_count
5
revision_number
2
application_name
Microsoft Office Word
character_count
34
code_page
Korean
Document summary
line_count
1
company
DLC Corporation
characters_with_spaces
38
version
786432
paragraph_count
1
code_page
Korean
OLE Streams
kids
\\x01CompObj, \\x05DocumentSummaryInformation, \\x05SummaryInformation, 1Table, Data, ObjectPool, WordDocument
name
Root Entry
clsid
00020906-0000-0000-c000-000000000046
type_literal
root
clsid_literal
MS Word
size
8064
type_literal
stream
md5
39ae993ffa0add8bc864f45025981a01
entropy
1.23576102955
name
Data
size
4096
type_literal
stream
md5
8a6c000a606ba4d5380268bfadc941ce
entropy
1.35391251612
name
WordDocument
size
4096
type_literal
storage
kids
_1415175909
name
ObjectPool
size
0
kids
\\x03OCXNAME, \\x03ObjInfo, Contents
name
_1415175909
clsid
66833fe6-8583-11d1-b16a-00c0f0283628
type_literal
storage
clsid_literal
MS Toolbar control
size
0
type_literal
stream
md5
df5829104e4b8e32f84c364fe98466ce
entropy
5.99682815118
name
1Table
size
6665
type_literal
stream
md5
4ca5369aefea7f0784dceab1db711877
entropy
3.39130295676
name
\\x05SummaryInformation
size
416
type_literal
stream
md5
8c0bb7d09f7f31e8eaa9839db78b0cb0
entropy
2.71216412084
name
\\x05DocumentSummaryInformation
size
292
type_literal
stream
md5
fdd55237cb3827facd544771c4d3b939
entropy
4.36374049783
name
\\x01CompObj
size
121
ExifTool file metadata
SharedDoc
No

Author
Tran Duy Linh

CodePage
Windows Korean (Unified Hangul Code)

LinksUpToDate
No

LastModifiedBy
Tran Duy Linh

HeadingPairs
Title, 1

Template
Normal.dotm

CharCountWithSpaces
38

CreateDate
2012:11:23 04:35:00

CompObjUserType
Microsoft Office Word 97-2003 Document

ModifyDate
2012:11:23 04:39:00

Company
DLC Corporation

HyperlinksChanged
No

Characters
34

ScaleCrop
No

RevisionNumber
2

MIMEType
application/msword

Words
5

FileType
DOC

Lines
1

AppVersion
12.0

Security
None

Software
Microsoft Office Word

TotalEditTime
4.0 minutes

Pages
1

CompObjUserTypeLen
39

FileTypeExtension
doc

Paragraphs
1

File identification
MD5 7d775a39ecd517cee4369c672e0e4da7
SHA1 a628e0eb8cd37d2b9789d3336674aa42e8ad5917
SHA256 088ae293274a384ad666aa96016255bb8fa8bd7d8f144bac15819f14600d0b64
ssdeep
1536:pTslNrEdmMSdVNG4lb2pNwMLUucLYL5rU:BslNqmMSd3G4Z24icUL6

File size 58.8 KB ( 60232 bytes )
File type MS Word Document
Magic literal
CDF V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 949, Author: Tran Duy Linh, Template: Normal.dotm, Last Saved By: Tran Duy Linh, Revision Number: 2, Name of Creating Application: Microsoft Office Word, Total Editing Time: 04:00, Create Time/Date: Thu Nov 22 04:35:00 2012, Last Saved Time/Date: Thu Nov 22 04:39:00 2012, Number of Pages: 1, Number of Words: 5, Number of Characters: 34, Security: 0

TrID Microsoft Word document (80.0%)
Generic OLE2 / Multistream Compound File (20.0%)
Tags
cve-2012-0158 doc exploit

VirusTotal metadata
First submission 2013-10-28 10:22:00 UTC ( 4 years, 4 months ago )
Last submission 2013-10-28 10:22:00 UTC ( 4 years, 4 months ago )
File names India deploys world_s largest military transport plane.dc
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!