× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 2dc0c812e3107374ad50ef3417db702683648ecb09ef62100fdcee1a070f74d5
File name: Spartan_56c98b9b4511703b0b671b7fabfd97a24f41a972.swf
Detection ratio: 0 / 55
Analysis date: 2015-11-12 17:27:18 UTC ( 3 years, 2 months ago ) View latest
Antivirus Result Update
Ad-Aware 20151112
AegisLab 20151111
Yandex 20151111
AhnLab-V3 20151112
Alibaba 20151112
ALYac 20151112
Antiy-AVL 20151112
Arcabit 20151112
Avast 20151112
AVG 20151112
Avira (no cloud) 20151112
AVware 20151112
Baidu-International 20151112
BitDefender 20151112
ByteHero 20151112
CAT-QuickHeal 20151112
ClamAV 20151112
CMC 20151112
Comodo 20151112
Cyren 20151112
DrWeb 20151112
Emsisoft 20151112
ESET-NOD32 20151112
F-Prot 20151112
F-Secure 20151112
Fortinet 20151112
GData 20151112
Ikarus 20151112
Jiangmin 20151111
K7AntiVirus 20151112
K7GW 20151112
Kaspersky 20151112
Malwarebytes 20151112
McAfee 20151112
McAfee-GW-Edition 20151112
Microsoft 20151112
eScan 20151112
NANO-Antivirus 20151112
nProtect 20151112
Panda 20151112
Qihoo-360 20151112
Rising 20151112
Sophos AV 20151112
SUPERAntiSpyware 20151112
Symantec 20151112
Tencent 20151112
TheHacker 20151110
TotalDefense 20151112
TrendMicro 20151112
TrendMicro-HouseCall 20151112
VBA32 20151112
VIPRE 20151112
ViRobot 20151112
Zillya 20151111
Zoner 20151112
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
Opens or replaces a window in the application that contains the Flash Player container with the contents of a given URL using the navigateToURL ActionScript function.
Contains ActionScript code to request and retrieve content from Internet URLs.
The studied SWF file makes use of the loadBytes ActionScript3 functionality, commonly used to load other files and arbitrary code at runtime.
SWF Properties
SWF version
14
Compression
zlib
Frame size
300.0x250.0 px
Frame count
1
Duration
0.042 seconds
File attributes
ActionScript3, UseNetwork
Unrecognized SWF tags
0
Total SWF tags
14
ActionScript 3 Packages
adobe.utils
flash.accessibility
flash.desktop
flash.display
flash.errors
flash.events
flash.external
flash.filters
flash.geom
flash.globalization
flash.media
flash.net
flash.net.drm
flash.printing
flash.profiler
flash.sampler
flash.sensors
flash.system
flash.text
flash.text.engine
flash.text.ime
flash.ui
flash.utils
flash.xml
ExifTool file metadata
MIMEType
application/x-shockwave-flash

ImageSize
300x250

FileType
SWF

Megapixels
0.075

FrameRate
24

FlashVersion
14

FileTypeExtension
swf

Compressed
True

ImageWidth
300

Duration
0.04 s

FlashAttributes
UseNetwork, ActionScript3

FrameCount
1

ImageHeight
250

File identification
MD5 1c074c862d3e25ec9674e6bd62965ad8
SHA1 56c98b9b4511703b0b671b7fabfd97a24f41a972
SHA256 2dc0c812e3107374ad50ef3417db702683648ecb09ef62100fdcee1a070f74d5
ssdeep
384:4RQ8Rk58e3DuzqM+NNwAsR4KP7AScZUm16r8AzpY:4RQjme3az3p4DZWIAe

File size 14.7 KB ( 15015 bytes )
File type Flash
Magic literal
Macromedia Flash data (compressed), version 14

TrID Macromedia Flash Player Compressed Movie (100.0%)
Tags
flash exploit zlib loadbytes cve-2015-7645

VirusTotal metadata
First submission 2015-11-12 17:27:18 UTC ( 3 years, 2 months ago )
Last submission 2016-06-21 04:07:40 UTC ( 2 years, 7 months ago )
File names Spartan_56c98b9b4511703b0b671b7fabfd97a24f41a972.swf
2dc0c812e3107374ad50ef3417db702683648ecb09ef62100fdcee1a070f74d5
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!