RTF Doc. Uses CVE-2017-8759 Exploit to Execute Code | Files
Try VMRay Analyzer
File Information
Sample files count 1
Created files count 5
Modified files count 1
c:\users\aetadzjz\desktop\Playkey.doc
-
File Properties
Names c:\users\aetadzjz\desktop\Playkey.doc (Sample File)
Size 987.89 KB (1011599 bytes)
Hash Values MD5: 9587a58c5d456ca4fb8d8abba0945861
SHA1: 18bb1da68d2073efb52ce3792311b15e958d85a5
SHA256: 7a641c8fa1b7a428bfb66d235064407ab56d119411fbaca6268c8e69696e6729
Actions
c:\users\aetadzjz\desktop\logo.cs
-
File Properties
Names c:\users\aetadzjz\desktop\logo.cs (Created File)
Size 1.07 KB (1098 bytes)
Hash Values MD5: 667a8968a36880dc4147d2ce00c64b30
SHA1: 48233228f9babdd3bcac5b85d5ae258f91204f7e
SHA256: 8aea15951d21f30f44a8d7499472b62473203959659eeb2b9059b64698deacfd
Actions
c:\users\aetadzjz\appdata\local\temp\91rxrejg.tmp, ...
-
File Properties
Names c:\users\aetadzjz\appdata\local\temp\91rxrejg.tmp (Created File)
c:\users\aetadzjz\appdata\local\temp\91rxrejg.err (Created File)
c:\users\aetadzjz\appdata\roaming\result.exex (Created File)
Size 0.00 KB (0 bytes)
Hash Values MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
c:\users\aetadzjz\appdata\local\temp\91rxrejg.0.cs
-
File Properties
Names c:\users\aetadzjz\appdata\local\temp\91rxrejg.0.cs (Created File)
Size 1.08 KB (1101 bytes)
Hash Values MD5: 3992ea6c0751d769815a98c4cffcadce
SHA1: 6ba244d7eb6a6facd2b4c4e946e26987d2336e8b
SHA256: b12a34c289c97db64f4267e5c67b70f4fefedfe28ae6527e7721a6ef3e4e0adc
Actions
c:\users\aetadzjz\appdata\local\temp\91rxrejg.cmdline
-
File Properties
Names c:\users\aetadzjz\appdata\local\temp\91rxrejg.cmdline (Created File)
Size 0.28 KB (288 bytes)
Hash Values MD5: 8d42a6a6ddda3cb8546ef4cb888dbfa8
SHA1: 2024365b4311bc93867119ceee7c876683fef607
SHA256: f0d80af454b0e9060f13236c0827a4df63d61ac4964a174c999f4aa2895ff00e
Actions
c:\users\aetadzjz\appdata\local\temp\91rxrejg.out
-
File Properties
Names c:\users\aetadzjz\appdata\local\temp\91rxrejg.out (Created File)
Size 0.37 KB (379 bytes)
Hash Values MD5: 51bfb6f473aa25324ee1ed9830ca806e
SHA1: f1fae130030df5b4dff15ed820ca35665886ea98
SHA256: 60a57285c3ccbfa3f03f050681e54c27de4ef1766fe6151104a919b7f7c8fa2e
Actions
c:\users\aetadzjz\appdata\local\microsoft\windows\temporary internet files\content.ie5\x9ohk109\t[1].hta, ...
-
File Properties
Names c:\users\aetadzjz\appdata\local\microsoft\windows\temporary internet files\content.ie5\x9ohk109\t[1].hta (Modified File)
c:\users\aetadzjz\appdata\local\microsoft\windows\temporary internet files\content.ie5\x9ohk109\t[2].hta (Modified File)
Size 3.24 KB (3313 bytes)
Hash Values MD5: 13b131d98fea2526196b20496ec68b0a
SHA1: 1284d7400f30f5a2c409f3f53fcf34b30c32268d
SHA256: ae09b5dc38c85387a861cb4aee8b08ef6c7b216f21ba1bd06c9d1b3adab46a75
Actions
Function Logfile
Download-Icon
Exit-Icon

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy". 


    

   

   

    

     
      

       
       
       
       
      

     
     
     
    

   

  

  

   

    
    

     Screenshot
    

    

     Expand-Icon
    

    

     Exit-Icon
    

   

   

    

     icon_left
    

    

     icon_left
    

   

   

   

   

    image