× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ba442907f3218c8664bbecb47f915c4469340219e0f05af8f2d108d72659ff0f
File name: 1.doc
Detection ratio: 17 / 54
Analysis date: 2016-11-29 08:36:25 UTC ( 2 months, 3 weeks ago )
Antivirus Result Update
ALYac Exploit.RTF-ObfsStrm.Gen 20161129
Ad-Aware Exploit.RTF-ObfsStrm.Gen 20161129
AegisLab Exploit.W32.Cve!c 20161129
Arcabit Exploit.RTF-ObfsStrm.Gen 20161129
BitDefender Exploit.RTF-ObfsStrm.Gen 20161129
DrWeb Exploit.Rtf.CVE2012-0158 20161129
Emsisoft Exploit.RTF-ObfsStrm.Gen (B) 20161129
F-Secure Exploit.RTF-ObfsStrm.Gen 20161129
GData Exploit.RTF-ObfsStrm.Gen 20161129
Kaspersky Exploit.Win32.CVE-2012-0158.j 20161129
eScan Exploit.RTF-ObfsStrm.Gen 20161129
NANO-Antivirus Exploit.Rtf.Heuristic-rtf.dinbqn 20161129
Qihoo-360 heur.rtf.obfuscated.1 20161129
Sophos Troj/DocDrop-NY 20161129
Symantec Trojan.Mdropper 20161129
Tencent Win32.Exploit.Cve-2012-0158.Eadi 20161129
TrendMicro HEUR_RTFMALFORM 20161129
AVG 20161129
AVware 20161129
AhnLab-V3 20161129
Alibaba 20161129
Antiy-AVL 20161129
Avast 20161129
Avira (no cloud) 20161128
Baidu 20161129
Bkav 20161128
CAT-QuickHeal 20161129
CMC 20161129
ClamAV 20161129
Comodo 20161129
CrowdStrike Falcon (ML) 20161024
Cyren 20161129
ESET-NOD32 20161129
F-Prot 20161129
Fortinet 20161129
Invincea 20161128
Jiangmin 20161128
K7AntiVirus 20161129
K7GW 20161129
Kingsoft 20161129
Malwarebytes 20161129
McAfee 20161129
McAfee-GW-Edition 20161129
Microsoft 20161129
Panda 20161128
Rising 20161129
SUPERAntiSpyware 20161129
TheHacker 20161126
TotalDefense 20161129
TrendMicro-HouseCall 20161129
Trustlook 20161129
VBA32 20161128
VIPRE 20161129
ViRobot 20161129
WhiteArmor 20161125
Yandex 20161128
Zillya 20161129
Zoner 20161129
nProtect 20161129
The file being studied is a Rich Text Format file! RTF is a proprietary document file format with published specification developed by Microsoft Corporation since 1987 for Microsoft products and for cross-platform document interchange.
Summary
Revision time
2015-10-16 13:54:00
Version number
24689
Author
Master
Number of pages
1
Creation time
2015-10-16 11:37:00
1
24
Number of words
17
Version
22
Number of characters
102
Operator
Master
Number of non whitespace characters
118
Document properties
Non ascii characters
0
Embedded drawings
20
Rtf header
rtf1
Default ansi codepage
Western European
Generator
Microsoft Word 11.0.5604
Read only protection
False
User protection
False
Default character set
ANSI
Custom xml data properties
0
Dos stubs
0
Objects
OLE control (MSComctlLib.ListViewCtrl.2)
Embedded pictures
1
Longest hex string
619520
Default languages
English - United States
ExifTool file metadata
MIMEType
text/rtf

ModifyDate
2015:10:16 13:54:00

Characters
102

Author
Master

TotalEditTime
-7440 seconds

FileType
RTF

LastModifiedBy
Master

FileTypeExtension
rtf

CharactersWithSpaces
118

Words
17

CreateDate
2015:10:16 11:37:00

InternalVersionNumber
24689

Pages
1

RevisionNumber
22

File identification
MD5 8846d109b457a2ee44ddbf54d1cf7944
SHA1 ba57bc840bc8fa5b7a235b2d2cff47af610aa14a
SHA256 ba442907f3218c8664bbecb47f915c4469340219e0f05af8f2d108d72659ff0f
ssdeep
12288:+ZM94Zf3e+kAzocpAX6404vq7tLPIotg15/pj54i6LU5187:+ZM94ZfO+DoTNIIx15Xwwk

File size 660.5 KB ( 676324 bytes )
File type Rich Text Format
Magic literal
Rich Text Format data, version 1, ANSI

TrID Rich Text Format (100.0%)
Tags
cve-2012-0158 ole-control exploit rtf

VirusTotal metadata
First submission 2016-03-03 08:29:08 UTC ( 11 months, 4 weeks ago )
Last submission 2016-03-03 08:39:53 UTC ( 11 months, 4 weeks ago )
File names 8846d109b457a2ee44ddbf54d1cf7944.rtf.bin
1.doc
ExifTool file metadata
MIMEType
text/rtf

ModifyDate
2015:10:16 13:54:00

Characters
102

Author
Master

TotalEditTime
-7440 seconds

FileType
RTF

LastModifiedBy
Master

FileTypeExtension
rtf

CharactersWithSpaces
118

Words
17

CreateDate
2015:10:16 11:37:00

InternalVersionNumber
24689

Pages
1

RevisionNumber
22

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!