* | Depth | Type | Name | Size | Compressed | Attributes | Date | Time (UTC) | Total Size | Total Items | CRC-32 | MD5 | SHA-1 | Details | Thumbnail |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
0 | MIME | http://www.scopr.com/test/infected_activemime.eml.bin | 50,491 | 50,491 | ---------- | 01.01.1970 | 01:00:00 | 138,999 | 27 | a6c72386 | 3914fa82106b01aaf020db27a2973bbd | 8b727c006b5ba51ee410e55c7489baddc9cf499a | Scopr:AntiMalware:Malware=SuspiciousExtensionPattern-MIME(bin)-HTML(eml);Scopr:AntiMalware:Scanner=Scopr;Scopr:AntiMalware:Malware=SuspiciousExtension-MIME(bin);ncd=MIME;nce=bin; | ||
1 | HTML | MIME_part_0 | 21,564 | 23,052 | -rw-r--r-- | 01.01.1970 | 01:00:00 | 21,560 | 1 | a169d36e | 1a3b0770a9255fa94899ec4e7b562619 | 208013f6f55754a78ae9cbeff5aee2a1f84933c1 | MIME body part;encoding=quoted-printable;ncd=MIME,HTML;nce=bin,?; | ||
2 | HTML | MIME_part_0 | 21,560 | 21,560 | -rw-r--r-- | 01.01.1970 | 01:00:00 | 0 | 0 | 4a9c59f8 | 9320b7e9bf60f42e8def9020df22a40a | cbeb78b74c9a509ed58c4c1c1e15c3963280f6fb | ncd=MIME,HTML,HTML;nce=bin,?,?; | ||
1 | WMF | MIME_part_1 | 560 | 768 | -rw-r--r-- | 01.01.1970 | 01:00:00 | 0 | 0 | 10e93eb7 | 99d6973ecd28e1913022544973d278d4 | 33375948aae081e417cfcbdbad59ae257938c620 | MIME body part;encoding=base64;numobjects=3;ncd=MIME,WMF;nce=bin,?; | ||
1 | ZIP:THMX | MIME_part_2 | 3,135 | 4,292 | -rw-r--r-- | 01.01.1970 | 01:00:00 | 8,398 | 5 | b7538338 | 3c12528ed7aec745a489a1a4e42422f4 | f112f78c244664c1ab9be1123abdb9dea08c639d | MIME body part;encoding=base64;crc32=0xbf0fdee9;ncd=MIME,ZIP:THMX;nce=bin,?; | ||
2 | XML | [Content_Types].xml | 540 | 255 | ----- | 01.01.1980 | 00:00:00 | 0 | 0 | bf0fdee9 | c9cbcd6f377d2c787064d8e5464412f1 | e52b0a05ec21d91953adf435f79216c13f0abd7d | compressionmethodid=8;compressionmethod=deflate;ncd=MIME,ZIP:THMX,XML;nce=bin,?,xml; | ||
2 | XML | _rels/.rels | 310 | 192 | ----- | 01.01.1980 | 00:00:00 | 0 | 0 | e7a7d6a5 | 72721ae37030f210de7a73d75dbc33eb | 0391c4107d2d980a3453fb01c7a3cf87e0fd63a9 | compressionmethodid=8;compressionmethod=deflate;ncd=MIME,ZIP:THMX,XML;nce=bin,?,rels; | ||
2 | XML | theme/theme/themeManager.xml | 138 | 131 | ----- | 01.01.1980 | 00:00:00 | 0 | 0 | 1696796b | ad57ce056452726e5fb113fb8c6f229e | 1f3827fdb4f84b4aa192554a13b3176a79f400e7 | compressionmethodid=8;compressionmethod=deflate;ncd=MIME,ZIP:THMX,XML;nce=bin,?,xml; | ||
2 | XML | theme/theme/theme1.xml | 7,127 | 1,735 | ----- | 01.01.1980 | 00:00:00 | 0 | 0 | 2d7d5ea5 | 79047617aa6160cc3c7a0f952b77c968 | 7e6d7fb9fb02f8c9ad3e81507167199340fd12b3 | compressionmethodid=8;compressionmethod=deflate;ncd=MIME,ZIP:THMX,XML;nce=bin,?,xml; | ||
2 | XML | theme/theme/_rels/themeManager.xml.rels | 283 | 182 | ----- | 01.01.1980 | 00:00:00 | 0 | 0 | 9f90d10d | c8d47b0b4a92b9587777ef824be3c8c4 | acb1a688c812a9f476143fb88a32c8c5475cf97c | compressionmethodid=8;compressionmethod=deflate;ncd=MIME,ZIP:THMX,XML;nce=bin,?,rels; | ||
1 | XML | MIME_part_3 | 314 | 355 | -rw-r--r-- | 01.01.1970 | 01:00:00 | 0 | 0 | 57c7ceda | 6b7a472a22fbdbff4b2b08ddb4f43735 | c6df700168d3f5a90ff2713b78f8ef1446927102 | MIME body part;encoding=quoted-printable;ncd=MIME,XML;nce=bin,?; | ||
1 | ACTIVEMIME | MIME_part_4 | 13,009 | 17,806 | -rw-r--r-- | 01.01.1970 | 01:00:00 | 70,307 | 12 | dc96dc1e | b182b38223c1f113a7790181efcd521f | 5a23cdc5b709ee56c7db2ca20e13f6a66859f7c7 | MIME body part;encoding=base64;ncd=MIME,ACTIVEMIME;nce=bin,?; | ||
2 | OLESS | ActiveMime | 39,936 | 12,792 | -AS-- | 01.01.1970 | 01:00:00 | 30,371 | 11 | 3cbf95b2 | 415777b013e1f54e13936a7e399e84df | b6142f079428d70b8549e1f5c53ea24a2edbba8f | ncd=MIME,ACTIVEMIME,OLESS;nce=bin,?,?; | ||
3 | ? | VBA/dir | 902 | 902 | -AS-- | 01.01.1970 | 01:00:00 | 0 | 0 | 00000000 | 00000000000000000000000000000000 | 0000000000000000000000000000000000000000 | Maximum items per depth exceeded; | ||
3 | ? | VBA/Module1 | 2,353 | 2,353 | -AS-- | 01.01.1970 | 01:00:00 | 0 | 0 | 00000000 | 00000000000000000000000000000000 | 0000000000000000000000000000000000000000 | Maximum items per depth exceeded; | ||
3 | ? | VBA/Module2 | 7,854 | 7,854 | -AS-- | 01.01.1970 | 01:00:00 | 0 | 0 | 00000000 | 00000000000000000000000000000000 | 0000000000000000000000000000000000000000 | Maximum items per depth exceeded; | ||
3 | ? | VBA/hgfdcsxsdvsd | 1,104 | 1,104 | -AS-- | 01.01.1970 | 01:00:00 | 0 | 0 | 00000000 | 00000000000000000000000000000000 | 0000000000000000000000000000000000000000 | Maximum items per depth exceeded; | ||
3 | ? | VBA/uytrfedsavsav | 1,178 | 1,178 | -AS-- | 01.01.1970 | 01:00:00 | 0 | 0 | 00000000 | 00000000000000000000000000000000 | 0000000000000000000000000000000000000000 | Maximum items per depth exceeded; | ||
3 | ? | PROJECT | 606 | 606 | -AS-- | 01.01.1970 | 01:00:00 | 0 | 0 | 00000000 | 00000000000000000000000000000000 | 0000000000000000000000000000000000000000 | Maximum items per depth exceeded; | ||
3 | ? | PROJECTwm | 131 | 131 | -AS-- | 01.01.1970 | 01:00:00 | 0 | 0 | 00000000 | 00000000000000000000000000000000 | 0000000000000000000000000000000000000000 | Maximum items per depth exceeded; | ||
3 | ? | uytrfedsavsav/f | 247 | 247 | -AS-- | 01.01.1970 | 01:00:00 | 0 | 0 | 00000000 | 00000000000000000000000000000000 | 0000000000000000000000000000000000000000 | Maximum items per depth exceeded; | ||
3 | ? | uytrfedsavsav/o | 15,600 | 15,600 | -AS-- | 01.01.1970 | 01:00:00 | 0 | 0 | 00000000 | 00000000000000000000000000000000 | 0000000000000000000000000000000000000000 | Maximum items per depth exceeded; | ||
3 | ? | uytrfedsavsav/CompObj | 97 | 97 | -AS-- | 01.01.1970 | 01:00:00 | 0 | 0 | 00000000 | 00000000000000000000000000000000 | 0000000000000000000000000000000000000000 | Maximum items per depth exceeded; | ||
3 | ? | uytrfedsavsav/VBFrame | 299 | 299 | -AS-- | 01.01.1970 | 01:00:00 | 0 | 0 | 00000000 | 00000000000000000000000000000000 | 0000000000000000000000000000000000000000 | Maximum items per depth exceeded; | ||
1 | TXT | MIME_part_5 | 140 | 146 | -rw-r--r-- | 01.01.1970 | 01:00:00 | 12 | 3 | 2640f00f | 557b59cc696082511fab24f33edc135c | e1b3f53fc830fbe2cbb0255923010e24746df7a1 | MIME body part;encoding=quoted-printable;characterencoding=7-bit US-ASCII;ncd=MIME,TXT;nce=bin,?; | ||
Totals | 189,478 | 164,128 |
* | Infected |
Executable |
Archive/Container |
Suspicious |
Encrypted |
Text |
Powered by Scopr XRay
XRay version | 6.0.536.0 |
Processed by user | guest |
Start time | Sat Apr 20 14:27:22 2024 UTC |
End time | Sat Apr 20 14:27:23 2024 UTC |
Elapsed time | 00:00:00.348 |
Bytes extracted | 189478 |
Processing speed | 530.77 KB/s |
Server default configuration | |
Maximum extraction depth | 3 |
Maximum extracted file size (bytes) | 250000 |
Maximum extracted virtual disk size (bytes) | 1073741824 |
Maximum items per depth | 10 |
Maximum processing time (seconds) | 10000 |
Enable Optical Character Recognition (OCR) | No |
OCR BMP images | No |
OCR GIF images | No |
OCR ICO images | No |
OCR JBIG2 images | No |
OCR JPEG images | No |
OCR PNG images | No |
OCR SVG images | No |
OCR TIFF images | No |
OCR WEBP images | No |
Maximum frames to OCR per image | 0 |
Minimum OCR frame width | 0 |
Minimum OCR frame height | 0 |
Maximum OCR frame width | 0 |
Maximum OCR frame height | 0 |
Maximum OCR depth | 0 |
Maximum images to OCR per depth | 0 |
OCR timeout (milliseconds) | 0 |
OCR Maximum Black Pixel Threshold (0-255) | 0 |
OCR Minimum White Pixel Threshold (0-255) | 255 |
OCR Extract Pre-processed Binarized Image | 0 |
Maximum Barcode Black Pixel Threshold (0-255) | 0 |
Minimum Barcode White Pixel Threshold (0-255) | 255 |
Extract Barcode Pre-processed Binarized Image | 0 |
Enable Image BlockHash Computation | Yes |
Enable Image PDQ Hash Computation | Yes |
Enable BMP Image Hashing | Yes |
Enable GIF Image Hashing | Yes |
Enable ICO Image Hashing | Yes |
Enable JPEG Image Hashing | Yes |
Enable PNG Image Hashing | Yes |
Enable SVG Image Hashing | Yes |
Enable TIFF Image Hashing | Yes |
Enable WEBP Image Hashing | Yes |
Max Hash Image Depth | 3 |
Max Hash Image Width | 5000 |
Max Hash Image Height | 5000 |
Min Hash Image Width | 0 |
Min Hash Image Height | 0 |
Engines used
7Z | ACE | ActiveMime | ALZip | APPLEDOUBLE | AR | ARJ | BCRYPT | BIFF | BZIP |
CAB | CHM | CPIO | DAA | EAPPX | EXE | GZIP | HA | HYP | ICO |
GIF | ISO9660 | JPEG | LHA | LZ | MBR | PNG | OLESS | ONE | |
PHAR | QOI | BMP | RAR | RPM | RPMSG | SIT | SQZ | SZ | TAR |
TNEF | UDF | VHD | VHDX | XAR | XBO | XZ | ZIP | ZOO | ZPAQ |
ZST | RTF | Text | BASE64 | HQX | HTML | IHEX | IQY | JavaScript | MIME |
Perl | PHP | Python | UUE | VBE | VBScript | WARC | XML | XXE | YENC |