4ef2c020...d4c4 | Yara
Try VMRay Analyzer
VTI SCORE: 100/100
Dynamic Analysis Report
Classification: Exploit, Dropper, Downloader

4ef2c020a2f45b6891a9094d5a042472417657961c05358f67ef58e7e8f9d4c4 (SHA256)

RFQ13262.docx

Word Document

Created at 2018-11-27 09:36:00

Notifications (2/3)

The maximum number of reputation file hash requests (20 per analysis) was exceeded. As a result, the reputation status could not be queried for all file hashes. In order to get the reputation status for all file hashes, please increase the 'Max File Hash Requests' setting in the system configurations.

YARA Information

Applied On Sample Files, PCAP File, Created Files, Modified Files, Process Dumps
Number of YARA matches 1
Ruleset Name Rule Name Rule Description File Type Filename Classification Severity Actions
CVEs rtf_cve2017_11882 Exploit for CVE-2017-11882 (Microsoft Office Memory Corruption Vulnerability) PCAP File analysis.pcap Exploit
5/5
Function Logfile
Exit-Icon

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".


    
Before

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".


    
After

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".


    
Screenshot
Expand-Icon
Exit-Icon
icon_left
icon_left
image