Malicious RTF — malware analysis report

Static analysis result for SHA-256 2893e1ee82d3354a…

MALICIOUS

RTF

Size: 1.18 MB
First seen: 2021-02-23
MD5: 3d83df756cc1e575755a7a3a8d9d8afc
SHA-1: 34a716a9952986f09524137638830538e2c0cc11
SHA-256: 2893e1ee82d3354a8c9dae8fad81975ca8599eacfb7926502b15d79757dff536
Risk Score: 120

Heuristics (2)

  • CVE-2010-3333 — pFragments RTF stack overflow [critical] [CVE exact] [CVE_2010_3333]
    RTF shape property pFragments has an oversized value, matching the CVE-2010-3333 stack-overflow trigger in Microsoft Word 2002/2003.
  • ClamAV: BC.Legacy.Exploit.CVE_2010_3333-5 [critical] [CLAMAV_DETECTION]
    ClamAV detected this file as malware: BC.Legacy.Exploit.CVE_2010_3333-5