microsoft office word 2007.exe

2007 Microsoft Office system

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The executable microsoft office word 2007.exe, “Microsoft Office Word” has been detected as malware by 9 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from s10560.chomikuj.pl.
Publisher:
Microsoft Corporation*  (Invalid match)

Product:
2007 Microsoft Office system

Description:
Microsoft Office Word

Version:
12.0.4518.1014

MD5:
1eda7c46bfb4b22de61b0526b64d7556

SHA-1:
2a0e4ba312e0fa0f62c2dc75ea575eaf753aa921

SHA-256:
d07480a90e9653fc7799864618f7a5e6503385b104745037f51ff786679cd614

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
11/5/2024 11:33:36 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.FanVT.ZbotK
1.3.0.6379

Emsisoft Anti-Malware
Trojan.Generic.12705868
8.15.03.13.08

IKARUS anti.virus
Trojan.Agent
t3scan.1.8.6.0

Malwarebytes
Trojan.FakeMS.Gen
v2015.03.13.08

MicroWorld eScan
Trojan.Generic.12705868
16.0.0.216

Norman
Suspicious_Gen4.HQXJB
11.20150313

nProtect
Trojan.Generic.12705868
15.02.05.01

SUPERAntiSpyware
Backdoor.Poison/Variant
10000

Trend Micro House Call
TROJ_PAM_0000030291.T3
7.2.72

File size:
54 KB (55,303 bytes)

Product version:
12.0.4518.1014

Copyright:
© 2006 Microsoft Corporation. All rights reserved.

Original file name:
WinWord.exe

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
10/27/2006 11:54:48 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
768:PF5lknxQpTtNTofvGOt5AwaS/iKH2Srbb2dSWH8ti/xxrfmv:PtkxQpTOpQUiZSflWHQi/xxrfmv

Entry address:
0x1ABB

Entry point:
9C, 60, 68, 53, 74, 41, 6C, 68, 54, 68, 49, 6E, E8, 00, 00, 00, 00, 58, BB, CC, 1A, 00, 00, 2B, C3, 50, 68, 00, 00, 00, 30, 68, 00, 28, 00, 00, 68, C8, 00, 00, 00, E8, 2C, FF, FF, FF, E9, 90, FF, FF, FF, CC, CC, 55, 8B, EC, 83, C4, F4, FC, 53, 57, 56, 8B, 75, 08, 8B, 7D, 0C, C7, 45, FC, 08, 00, 00, 00, 33, DB, BA, 00, 00, 00, 80, 43, 33, C0, E8, 19, 01, 00, 00, 73, 0E, 8B, 4D, F8, E8, 27, 01, 00, 00, 02, 45, F7, AA, EB, E9, E8, 04, 01, 00, 00, 0F, 82, 96, 00, 00, 00, E8, F9, 00, 00, 00, 73, 5B, B9, 04, 00...
 
[+]

Code size:
6.5 KB (6,656 bytes)

The file microsoft office word 2007.exe has been seen being distributed by the following URL.

Remove microsoft office word 2007.exe - Powered by Reason Core Security