Suspicious Document

So I downloaded a suspicious looking ".docx" file and I was wondering if it's possible to store malicious or dangerous content in those types of files, I just want to be safe is all. I scanned with MalwareBytes and it said it was fine, but I really want to make sure I don't have anything dangerous.

Yes it is possible and it is quite common to hide viruses in .docx files.

2 Likes

Okay, is there a way to search to get rid of the dangerous code or something?

Never download anything suspicious.

2 Likes

I've seen readme.exe files, those are always a hoot.

2 Likes

.exe file or .txt file?

yes .exe

Well, obviously that's suspicious enough as it is, it's an exe file of course lolz

You said yourself it's suspicious.. delete it.

Unless you've got a VM to test it in why risk it?

1 Like

That's why I said it's a hoot...

Upload it to Virustotal.com and see what it says, then maybe fire up a VM and take a look around.

2 Likes

Yes, suspicious .docx, .xlsx and .pdf files are the most common files to store ransomware via macros. If you ever get any, just delete them. Don't even bother scanning. Just delete them, it's not worth the headache.

I've deleted it. But I want to make sure that I'm safe still. Since I had it, I opened it, but hopefully that didn't trigger anything.

Virustotal.com is that a trusted site and stuff? What's it do/for?

Yes, it's trusted. It will scan a file against a number of AVs and compare results with others who have uploaded the same files. You can even hash a file and give it the hash instead.

Okay thank you! Also, uh if it's uploaded to that site, it's not public, right? I need it to be private because it contains sensitive material >.>

I'm looking around and I don't see a way to remove it, so I assume it's private

Take a hash of it and search for the hash.

1 Like
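Added example, not part of the thread: one way to take the hash suggested above and, since a .docx is a ZIP package, to list macro storage, embedded objects and external relationships without opening the file in Word or uploading its contents. The function names `inspect_docx` and `build_sample` are hypothetical, and the sample document is constructed for the example.

```python
import hashlib, io, re, sys, zipfile

# A <Relationship> that points outside the package, e.g. a remote template.
EXTERNAL_REL = re.compile(rb'<Relationship\b[^>]*TargetMode="External"[^>]*>')
ATTR = re.compile(rb'\b(Type|Target)="([^"]*)"')
MAX_PART = 1_000_000  # do not decompress oversized parts of an untrusted archive


def inspect_docx(data: bytes) -> dict:
    """Hash the file and list its risky parts without opening it in Word."""
    report = {"sha256": hashlib.sha256(data).hexdigest(), "is_zip": False,
              "vba_parts": [], "embedded_parts": [], "external_rels": []}
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return report  # not an OOXML package, whatever the extension says
    report["is_zip"] = True
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            name = info.filename.lower()
            if name.endswith("vbaproject.bin"):
                report["vba_parts"].append(info.filename)       # VBA macro storage
            elif "/embeddings/" in name:
                report["embedded_parts"].append(info.filename)  # embedded objects
            elif name.endswith(".rels") and info.file_size <= MAX_PART:
                for rel in EXTERNAL_REL.findall(zf.read(info)):
                    attrs = {k.decode(): v.decode("utf-8", "replace")
                             for k, v in ATTR.findall(rel)}
                    kind = attrs.get("Type", "").rsplit("/", 1)[-1]
                    report["external_rels"].append((kind, attrs.get("Target", "")))
    return report


def build_sample() -> bytes:
    """Constructed test input: a minimal package with a macro part and a remote template."""
    rels = (b'<Relationships><Relationship Id="rId1" '
            b'Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" '
            b'Target="https://example.invalid/t.dotm" TargetMode="External"/></Relationships>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", b"<w:document/>")
        zf.writestr("word/vbaProject.bin", b"constructed placeholder")
        zf.writestr("word/_rels/settings.xml.rels", rels)
    return buf.getvalue()


if __name__ == "__main__":
    raw = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample()
    print(inspect_docx(raw))
```

Ordinary hyperlinks also appear in `external_rels` with kind `hyperlink`; an `attachedTemplate` entry or any `vba_parts` entry is what deserves a closer look.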

Were you expecting a doc anyway? (Did it come via email or did you just download it?)
If it was an unknown doc that came via email then absolutely delete it.
If it's just some random suspicious doc then open it in a VM, antiviruses won't protect you if you have macros enabled.
Fight the curiosity, do you really need to see the doc?

2 Likes

I don't know how to do that. I got rid of the file and I can't obtain another one anymore and I've closed the tab it was on as well. >.>

edit - nvm found it in history

It came up with a result, but is there a way to remove it?