SHA256: 019e2c53fb7651b51dee5e4ba5243d3d78b29ac8be856a773ac387c241e4f0af
File name: 2015-03-02-Fiesta-EK-silverlight-exploit.xap
Detection ratio: 37 / 54
Analysis date: 2016-11-07 02:54:09 UTC ( 1 year, 7 months ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Kazy.565867 20161107
AegisLab Exploit.Msil.Cve!c 20161107
AhnLab-V3 Trojan/Win32.Zbot.N1453164592 20161106
ALYac Gen:Variant.Kazy.565867 20161107
Arcabit Trojan.Kazy.D8A26B 20161107
Avast Win32:Malware-gen 20161107
AVG Exploit_c.ABZK 20161107
AVware Trojan.Win32.Generic!BT 20161107
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9816 20161104
BitDefender Gen:Variant.Kazy.565867 20161107
Bkav W32.Clodb26.Trojan.9a6f 20161105
Comodo UnclassifiedMalware 20161107
Cyren W32/CVE130074.B.gen!Eldorado 20161107
DrWeb Exploit.CVE2013-0074.34 20161107
ESET-NOD32 a variant of Win32/Exploit.CVE-2013-0074.CO 20161107
F-Prot W32/CVE130074.B.gen!Eldorado 20161107
F-Secure Gen:Variant.Kazy.565867 20161107
GData Gen:Variant.Kazy.565867 20161107
Ikarus Trojan.Win32.Exploit 20161106
Jiangmin Exploit.MSIL.cb 20161107
K7AntiVirus Trojan ( 700000121 ) 20161106
K7GW Trojan ( 700000121 ) 20161107
Kaspersky Exploit.MSIL.CVE-2013-0074.dk 20161107
McAfee Artemis!3E8CE8900B67 20161107
Microsoft Exploit:MSIL/CVE-2013-0074.A 20161107
eScan Gen:Variant.Kazy.565867 20161107
NANO-Antivirus Exploit.Win32.CVE20130074.dovvba 20161107
Panda Trj/CI.A 20161106
Sophos AV Mal/Generic-L 20161107
Tencent Msil.Exploit.Cve-2013-0074.Eadh 20161107
TheHacker Trojan/Exploit.CVE-2013-0074.co 20161106
TrendMicro TROJ_GE.1ED01187 20161107
TrendMicro-HouseCall TROJ_GE.1ED01187 20161107
VBA32 Exploit.MSIL.CVE20130074 20161105
ViRobot Trojan.Win32.Z.Exploit.9728.A[h] 20161106
Yandex Exploit.CVE-2013-0074! 20161106
Zillya Exploit.CVE.Win32.247 20161105
Alibaba 20161107
Antiy-AVL 20161107
Avira (no cloud) 20161106
CAT-QuickHeal 20161105
ClamAV 20161107
CMC 20161106
CrowdStrike Falcon (ML) 20161024
Fortinet 20161107
Sophos ML 20161018
Kingsoft 20161107
Malwarebytes 20161106
McAfee-GW-Edition 20161107
nProtect 20161107
Qihoo-360 20161107
Rising 20161107
SUPERAntiSpyware 20161107
Symantec 20161107
VIPRE 20161107
Zoner 20161107
The file being studied is a compressed stream! More specifically, it is a ZIP file.
Interesting properties
The studied file contains at least one Portable Executable.
Contained files
Compression metadata
Contained files 3
Uncompressed size 27145
Highest datetime 2015-02-28 15:01:52
Lowest datetime 2015-02-28 15:01:52
Contained files by extension
dll 1
Contained files by type
unknown 2
Portable Executable 1
ExifTool file metadata
MIMEType application/zip
ZipRequiredVersion 20
ZipCRC 0x50f710ae
FileType ZIP
ZipCompression Deflated
ZipUncompressedSize 349
ZipCompressedSize 203
FileTypeExtension zip
ZipFileName AppManifest.xaml
ZipBitFlag 0x0800
ZipModifyDate 2015:02:28 15:01:26

PCAP parents
File identification
MD5 86655b5b59af502937b6ffd5ee4a2f32
SHA1 3cd4bd67a378e0a46928091b65dc7027aa911427
SHA256 019e2c53fb7651b51dee5e4ba5243d3d78b29ac8be856a773ac387c241e4f0af
ssdeep 192:rMJhooCUuk/sYiGY6oZy7D17VyUDI2KWkAUTTuR+z3cWp/4W2c1IydjMiB:UhF5UYA6o87VVnM2TTU/Y+cWp/4W2mdp

File size 10.6 KB ( 10818 bytes )
File type ZIP
Magic literal Zip archive data, at least v2.0 to extract

TrID Silverlight Application Package (77.7%)
ZIP compressed archive (22.2%)
Tags contains-pe cve-2013-0074 exploit zip

VirusTotal metadata
First submission 2015-03-03 08:14:54 UTC ( 3 years, 3 months ago )
Last submission 2016-11-07 02:54:09 UTC ( 1 year, 7 months ago )
File names 2015-03-02-Fiesta-EK-Silverlight-Exploit.xap
2015-03-02-Fiesta-EK-silverlight-exploit.xap
2155740c520ada2c415d430e000f045704030d0e035600580705530001565607;5110411
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight