Malicious RTF — malware analysis report

Static analysis result for SHA-256 555fcfcd305e1b14…

MALICIOUS

RTF

Size: 293.2 KB
Created: 2010-11-29 16:43:00
Authoring application: Microsoft Word 11.0.0000
First seen: 2012-07-06

MD5: 86fe90894fd80fd5b875b314c7cffa1f
SHA-1: 8b336c76b6cb0aeff21339ce9612fd1680e6f804
SHA-256: 555fcfcd305e1b14710b2c985da0763d54871cc7fc118128a82815874002fa2a

Risk Score: 62

Heuristics (2)

  • CVE-2010-3333 — pFragments RTF stack overflow (critical, CVE, exact, CVE_2010_3333)
    RTF shape property pFragments has an oversized value, matching the CVE-2010-3333 stack-overflow trigger in Microsoft Word 2002/2003.
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL: http://schemas.microsoft.com/office/word/2003/wordml (in RTF body)