Summary | ZeroBOX

1.rtf

Malicious Packer Anti_VM doc RTF File
Category FILE
Machine s1_win7_x6401
Started Nov. 1, 2021, 5:56 p.m.
Completed Nov. 1, 2021, 5:57 p.m.
Size 863.2KB
Type Rich Text Format data, version 1, unknown character set
MD5 847446bc1b6221de28dc78cef9d34623
SHA256 50cb0313a049f5df3f0fe95dc588bf7dca6ef76a7d713fc4b07348e21134749e
CRC32 66D3AEE3
ssdeep 6144:f8jk0y7FXUVW58AspUHC5K2JS1/Gh0Z2+b3vQP5ZYy+sf/ZIsQmo2HhuS:f8Y5JUI56g2JS1/Ghm3vS5ZYylXoch3
Yara
  • Malicious_Packer_Zero - Malicious Packer
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • Rich_Text_Format_Zero - Rich Text Format Signature Zero

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

filetype_details Rich Text Format data, version 1, unknown character set
filename 1.rtf
Lionic Trojan.RTF.CVE-2017-11882.3!c
DrWeb Exploit.Rtf.Obfuscated.32
CAT-QuickHeal Exp.RTF.Obfus.Gen
McAfee RTFObfustream.c!847446BC1B62
Sangfor Exploit.Generic-Script.Save.25a9d8bf
Arcabit Exploit.RTF-ObfsObjDat.Gen
Cyren RTF/Trojan.PLBK-5
Symantec Bloodhound.RTF.20
ESET-NOD32 a variant of DOC/Abnormal.U
Avast RTF:Obfuscated-gen [Trj]
Cynet Malicious (score: 99)
Kaspersky HEUR:Exploit.RTF.CVE-2017-11882.gen
BitDefender Exploit.RTF-ObfsObjDat.Gen
NANO-Antivirus Exploit.Rtf.Heuristic-rtf.dinbqn
MicroWorld-eScan Exploit.RTF-ObfsObjDat.Gen
Tencent Win32.Exploit.Cve-2017-11882.Dztk
Ad-Aware Exploit.RTF-ObfsObjDat.Gen
TrendMicro HEUR_RTFMALFORM
FireEye Exploit.RTF-ObfsObjDat.Gen
Emsisoft Exploit.RTF-ObfsObjDat.Gen (B)
Avira HEUR/Rtf.Malformed
GData Exploit.RTF-ObfsObjDat.Gen
ALYac Exploit.RTF-ObfsObjDat.Gen
MAX malware (ai score=86)
Zoner Probably Heur.RTFObfuscationE
Ikarus Trojan.Doc.Agent
AVG RTF:Obfuscated-gen [Trj]