× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 22dc4e02126eceafbab0fa9c1dc4d0b60dd83e92effc413bac23b59e01b626fe
File name: RIG EK Flash exploit.swf
Detection ratio: 19 / 59
Analysis date: 2018-03-07 22:19:32 UTC ( 9 months, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware Script.SWF.C603 20180307
AhnLab-V3 SWF/RigEK.Gen 20180307
ALYac Script.SWF.C603 20180307
Antiy-AVL Trojan[Exploit]/SWF.SWF.Generic 20180307
Arcabit Script.SWF.C603 20180307
Avira (no cloud) EXP/FLASH.Pubenush.AC.Gen 20180307
BitDefender Script.SWF.C603 20180307
CAT-QuickHeal Exp.SWF.Rig.EK.4476 20180307
DrWeb Exploit.SWF.1232 20180307
Emsisoft Script.SWF.C603 (B) 20180307
F-Secure Script.SWF.C603 20180307
GData Script.SWF.C603 20180307
Kaspersky HEUR:Exploit.SWF.Generic 20180307
MAX malware (ai score=86) 20180307
eScan Script.SWF.C603 20180307
Qihoo-360 swf.cve-2015-8651.rig.a 20180307
Rising Exploit.CVE-2015-8651!1.A595 (CLASSIC) 20180307
TrendMicro HEUR_SWFDEC.SC2 20180307
ZoneAlarm by Check Point HEUR:Exploit.SWF.Generic 20180307
AegisLab 20180307
Alibaba 20180307
Avast 20180307
Avast-Mobile 20180307
AVG 20180307
AVware 20180307
Baidu 20180307
Bkav 20180307
ClamAV 20180307
CMC 20180307
Comodo 20180307
CrowdStrike Falcon (ML) 20170201
Cybereason None
Cylance 20180307
Cyren 20180307
eGambit 20180307
Endgame 20180303
ESET-NOD32 20180307
F-Prot 20180307
Fortinet 20180307
Ikarus 20180307
Sophos ML 20180121
Jiangmin 20180307
K7AntiVirus 20180307
K7GW 20180307
Kingsoft 20180307
Malwarebytes 20180307
McAfee 20180307
McAfee-GW-Edition 20180307
Microsoft 20180307
NANO-Antivirus 20180307
nProtect 20180307
Palo Alto Networks (Known Signatures) 20180307
Panda 20180307
SentinelOne (Static ML) 20180225
Sophos AV 20180307
SUPERAntiSpyware 20180307
Symantec 20180307
Symantec Mobile Insight 20180306
Tencent 20180307
TheHacker 20180307
TrendMicro-HouseCall 20180307
Trustlook 20180307
VBA32 20180307
VIPRE 20180307
ViRobot 20180307
Webroot 20180307
WhiteArmor 20180223
Yandex 20180307
Zillya 20180307
Zoner 20180307
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
The studied SWF file performs environment identification.
SWF Properties
SWF version
32
Compression
zlib
Frame size
800.0x600.0 px
Frame count
1
Duration
0.033 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
1
Total SWF tags
14
ActionScript 3 Packages
flash.display
flash.events
flash.system
flash.utils
mx.core
SWF metadata
ExifTool file metadata
MIMEType
application/x-shockwave-flash

ImageSize
800x600

FileType
SWF

Megapixels
0.48

FrameRate
30

FlashVersion
32

FileTypeExtension
swf

Compressed
True

ImageWidth
800

Duration
0.03 s

FlashAttributes
UseNetwork, ActionScript3, HasMetadata

FrameCount
1

ImageHeight
600

PCAP parents
File identification
MD5 ec80c3f3384f47bb273e3f3e33eb837a
SHA1 d9fb63e617b13a51cc15af831084eda5042e415f
SHA256 22dc4e02126eceafbab0fa9c1dc4d0b60dd83e92effc413bac23b59e01b626fe
ssdeep
384:KTjbf+nmbqKrut1WRAYeoCRt/WJFpvRNt63m:KTOuqKyrmA7o4kJFJUW

File size 16.0 KB ( 16405 bytes )
File type Flash
Magic literal
Macromedia Flash data (compressed), version 32

TrID Macromedia Flash Player Compressed Movie (100.0%)
Tags
flash zlib exploit cve-2015-8651 capabilities

VirusTotal metadata
First submission 2018-03-07 22:19:32 UTC ( 9 months, 1 week ago )
Last submission 2018-03-09 09:39:12 UTC ( 9 months, 1 week ago )
File names RIG EK Flash exploit.swf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!