MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 782b601de98dd44c474770195fe8c91465465180e15cc3eef0cb89ab596b0588. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	782b601de98dd44c474770195fe8c91465465180e15cc3eef0cb89ab596b0588
SHA3-384 hash:	d729925990b3c1145c282c3f238894e6d460601d5fb7e1aa069f07a1f0b0d7bca4e8a7674922d87217510e6b665e36ff
SHA1 hash:	738301274b8842e8375208a9d1a128f92e3426a6
MD5 hash:	a170a4ded11fcd705cc4c5d0f0f931d0
humanhash:	spring-alaska-illinois-oranges
File name:	v.dot
Download:	download sample
File size:	10'577 bytes
First seen:	2021-07-02 11:50:29 UTC
Last seen:	2021-07-02 14:12:17 UTC
File type:	unknown
MIME type:	application/octet-stream
ssdeep	192:8t69wnzdJkYM4v/4+Q/0C241ol9sTFXvf+qI4gkxAOUtNjtBw:8Q9wnoXz/j2vl9sTFXODEAFt9w
TLSH	E022B66CEA67439D8F8D73A446749D8C47E8767CE3804102397CA375278BF2B9B26871
Reporter	info_sec_ca
Tags:	CVE-2017-11882 dot

Intelligence

File Origin

# of uploads :

2

# of downloads :

87

Origin country :

n/a

Vendor Threat Intelligence

Detection(s):

SecuriteInfo.com.Spam-473.UNOFFICIAL

Sanesecurity.Malware.27333.RtfHeur.BadVer.UNOFFICIAL

SecuriteInfo.com.FakeRTF-1.UNOFFICIAL

Sanesecurity.Malware.26244.RtfHeur.UNOFFICIAL

MiscreantPunch.RTF.EvilRTF.CVE-2017-0199-Obfus.UNOFFICIAL

TwinWave.EvilDoc.RTFFakeVersionWithObjUpdateUKSurfMix.20200514.UNOFFICIAL

Result

Verdict:

MALICIOUS

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/782b601de98dd44c474770195fe8c91465465180e15cc3eef0cb89ab596b0588/

Threat name:

Document-Office.Exploit.CVE-2017-11882

Status:

Malicious

First seen:

2021-07-02 11:51:07 UTC

AV detection:

22 of 45 (48.89%)

Threat level:

5/5

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.05

Link:

https://yomi.yoroi.company/submissions/782b601de98dd44c474770195fe8c91465465180e15cc3eef0cb89ab596b0588

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

unknown 782b601de98dd44c474770195fe8c91465465180e15cc3eef0cb89ab596b0588

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/1421936/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample