Malicious RTF — malware analysis report

Static analysis result for SHA-256 f7796660109746d5…

MALICIOUS

RTF

Size: 101.0 KB
First seen: 2015-09-30
MD5: 8434049f154d3eb31ad95cd040a8d290
SHA-1: 1310cf067bf8e413c29cc5f2095e60306ea45141
SHA-256: f7796660109746d5164ba7a973bcbea76d44763738beeb5de25a272c9783c5d1
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1203 Exploitation for Client Execution

A critical heuristic fired on this RTF file for CVE-2010-3333, a known stack overflow vulnerability. This indicates the file is designed to exploit the vulnerability to achieve code execution on a vulnerable system. No other malicious indicators were found.

Heuristics (1)

  • CVE-2010-3333: pFragments RTF stack overflow [critical] [CVE] [exact] [CVE_2010_3333]
    The RTF shape property pFragments has an oversized value, matching the CVE-2010-3333 stack-overflow trigger in Microsoft Word 2002/2003.