Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6402	April 2, 2021, 10:17 a.m.	April 2, 2021, 10:17 a.m.

Size	13.3KB
Type	Rich Text Format data, unknown version
MD5	`5a0a86f08f57c385df9626f26e1a3bc9`
SHA256	`cdfb17843f16222331c67ee433ed5692f2eaa53d0490f7ab3fd606c82124f332`
CRC32	`2B5B4DA2`
ssdeep	`384:PDgwA8OzV1UVyxM1Z0Ie8KrnTeQP1Ka8dwPpVpAuWD5:PDgwROzV2YyDKrniQE3dwP/2`
Yara	None matched

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

No Suricata Alerts

No Suricata TLS

filetype_details

Rich Text Format data, unknown version

filename

................................................................................................................dot

CAT-QuickHeal	Exp.RTF.Obfus.Gen
McAfee	RTFObfustream.c!5A0A86F08F57
Arcabit	Exploit.RTF-ObfsObjDat.Gen
Symantec	Trojan.Gen.2
ESET-NOD32	multiple detections
Kaspersky	UDS:DangerousObject.Multi.Generic
BitDefender	Exploit.RTF-ObfsObjDat.Gen
NANO-Antivirus	Exploit.Rtf.Heuristic-rtf.dinbqn
MicroWorld-eScan	Exploit.RTF-ObfsObjDat.Gen
Ad-Aware	Exploit.RTF-ObfsObjDat.Gen
Emsisoft	Exploit.RTF-ObfsObjDat.Gen (B)
DrWeb	Exploit.Rtf.Obfuscated.32
TrendMicro	HEUR_RTFMALFORM
McAfee-GW-Edition	BehavesLike.BadFile.lq
FireEye	Exploit.RTF-ObfsObjDat.Gen
ZoneAlarm	HEUR:Exploit.OLE2.Generic
GData	Exploit.RTF-ObfsObjDat.Gen
AhnLab-V3	RTF/Malform-A.Gen
ALYac	Exploit.RTF-ObfsObjDat.Gen
Zoner	Probably Heur.RTFBadVersion
MAX	malware (ai score=87)
Qihoo-360	susp.rtf.objupdate.gen

................................................................................................................dot