Gridinsoft Logo
File Icon

The Microsoft Office Word 2007.exe (Microsoft Office Word) File Analysis

Updated 1 year ago
Checked by Malware Check
Microsoft Office Word 2007.exe

Technical Analysis

File Name Microsoft Office Word 2007.exe
File Type
Win32 EXE
Magic Bytes PE32 executable (GUI) Intel 80386, for MS Windows
SSDEEP Hash
3072:IglinKq9AWRPVY0SEmEpxE/t2GzQj2s3+oWHJeLXwULaSxtukisfqV8vJn:DbytLE/t1ns3qSa+a8x
Scanner Version 1.0.178.174
Database Version 2024-06-03 22:00:32 UTC

Suspicious File Detected

Detected by 42 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
58%
Detection Rate
353,837
File Size (bytes)
42/73
Engines Detected
2024-06-03
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
7fbc2a3e6d80ea6547687f98cac1a024
SHA1
2ef86bae8aee327571f6eecf5de643148e9e0fb9
SHA256
2e7dae581039ffa0288700442ad00908614266a14d4bb2c7fdba65f6c2cd3c66
SHA512
39ce46d277da8b389624df42ac1f2ea53b98774233f92f273cab7af01d37ec13d6e320697ffcbd5f55023a3e3c034a6b7a6dfb1bb00c0b17f8d5520e8ea720b5
ImpHash
9158747dc6240279afce84ac4d726c82

Security Engines with Detections (42 of 73)

Lionic
Trojan.Win32.Generic.4!c Malicious
Elastic
malicious (moderate confidence) Malicious
MicroWorld-eScan
Trojan.GenericKD.71846899 Malicious
Skyhigh
BehavesLike.Win32.Generic.ft Malicious
ALYac
Trojan.GenericKD.71846899 Malicious
Cylance
unsafe Malicious
Zillya
Trojan.Agent.Win32.3343822 Malicious
Sangfor
Trojan.Win32.Agent.Vvgk Malicious
Alibaba
Trojan:Win32/Skeeyah.e1db3f8b Malicious
Cybereason
malicious.e6d80e Malicious
Arcabit
Trojan.Generic.D4484BF3 Malicious
Symantec
ML.Attribute.HighConfidence Malicious
TrendMicro-HouseCall
TROJ_GEN.R023H09CC24 Malicious
Paloalto
generic.ml Malicious
BitDefender
Trojan.GenericKD.71846899 Malicious
NANO-Antivirus
Trojan.Win32.Snovir.kfmibf Malicious
Avast
FileRepMalware [Misc] Malicious
Rising
[email protected] (RDML:cyqnx5FHv68mNJH8isTtsg) Malicious
Emsisoft
Trojan.GenericKD.71846899 (B) Malicious
VIPRE
Trojan.GenericKD.71846899 Malicious
McAfeeD
ti!2E7DAE581039 Malicious
FireEye
Generic.mg.7fbc2a3e6d80ea65 Malicious
Sophos
Mal/Generic-S Malicious
Ikarus
Trojan.Win32.Skeeyah Malicious
Webroot
W32.Malware.Gen Malicious
Varist
W32/S-1d5a7cc5!Eldorado Malicious
Microsoft
Trojan:Win32/Acll Malicious
GData
Trojan.GenericKD.71846899 Malicious
Cynet
Malicious (score: 100) Malicious
AhnLab-V3
Trojan/Win.PWS.R634756 Malicious
McAfee
Artemis!7FBC2A3E6D80 Malicious
MAX
malware (ai score=86) Malicious
VBA32
TrojanPSW.Stealer Malicious
Malwarebytes
Malware.AI.501787343 Malicious
SentinelOne
Static AI - Suspicious PE Malicious
MaxSecure
Trojan.Malware.236590145.susgen Malicious
Fortinet
W32/PossibleThreat Malicious
BitDefenderTheta
Gen:NN.ZexaF.36804.vq1@aGlJm7ii Malicious
AVG
FileRepMalware [Misc] Malicious
DeepInstinct
MALICIOUS Malicious
CrowdStrike
win/malicious_confidence_70% (W) Malicious
alibabacloud
Trojan:Win/Acll Malicious
31 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: 470b2148967bbb4f4a03c048dc2ff944
Fuzzy: 4464fef851f557aac34977203f021ddb
dHash: d8f88dadadbcb080
Image Base 0x66200000
Entry Point 0x66201448
Compilation Time 2006-10-27 21:54:48
Checksum 0x00000000 (Actual: 0x00061937)
OS Version 4.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
PDB Path d:\build\ob\bora-21059475\vos3\thinstall\modules\boot_loader.pdb
Digital Signature The PE file does not contain a certificate table.
Imports 3 libraries
KERNEL32, USER32, ntdll
Exports 0 functions
Resources 12 Resources
Sections 4 Sections

Version Information

CompanyName Microsoft Corporation
FileDescription Microsoft Office Word
FileVersion 12.0.4518.1014
InternalName WinWord
LegalCopyright © 2006 Microsoft Corporation. All rights reserved.
LegalTrademarks1 Microsoft® is a registered trademark of Microsoft Corporation.
LegalTrademarks2 Windows® is a registered trademark of Microsoft Corporation.
OriginalFilename WinWord.exe
ProductName 2007 Microsoft Office system
ProductVersion 12.0.4518.1014
ThinAppBuildDateTime 20240303 180915
ThinAppLicense pol
ThinAppVersion 2212.0.0-21059475
Translation 0x0000 0x04e4

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 109,904 bytes 110,080 bytes 6.61 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 2F9EA2DD8FEEF04CEABC83C915FABB04
.rdata 0x0001c000 36,164 bytes 36,352 bytes 4.88 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ B1D09D889CA3C20D117AFBB079B36A81
.data 0x00025000 164,796 bytes 156,672 bytes 1.28 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE DF76EBA1CB6DC0CD541532C7C1DCE79C
.rsrc 0x0004e000 45,048 bytes 45,056 bytes 6.67 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ FDAB9D252890D917695C3C6D7C558575
Entropy Analysis Alert

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 12 (44,174 bytes)
Resource Type Count Total Size Percentage
RT_ICON 10 42,644 bytes
96.5%
RT_GROUP_ICON 1 146 bytes
0.3%
RT_VERSION 1 1,384 bytes
3.1%

Certificate Chain Analysis

Certificate Information
Product 2007 Microsoft Office system
Description Microsoft Office Word
File Version 12.0.4518.1014
Original Name WinWord.exe
Internal Name WinWord
Copyright © 2006 Microsoft Corporation. All rights reserved.

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

The PE file does not contain a certificate table.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
42 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware