× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 353d43559eef91a2a533d897721a68261b43a5f84bb59d6372bdfac0ce57b826
File name: %3f947545190441&id=225
Detection ratio: 14 / 60
Analysis date: 2018-05-19 01:01:12 UTC ( 4 days, 17 hours ago )
Antivirus Result Update
AegisLab Exploit.Swf.Agent!c 20180519
AhnLab-V3 SWF/Agent 20180518
Avira (no cloud) EXP/CVE-2016-4117.D.Gen 20180518
CAT-QuickHeal SWF.GenSusp.A 20180518
Comodo .UnclassifiedMalware 20180519
Ikarus Exploit.CVE-2016-4117 20180518
Kaspersky HEUR:Exploit.SWF.Agent.gen 20180519
MAX malware (ai score=99) 20180519
Microsoft VirTool:SWF/Injector.E 20180518
Qihoo-360 swf.exp.shellcode.a 20180519
Symantec Trojan.Gen.6 20180518
Tencent Win32.Exploit.Agent.Pbzd 20180519
TrendMicro HEUR_SWFSC.B 20180519
ZoneAlarm by Check Point HEUR:Exploit.SWF.Agent.gen 20180519
Ad-Aware 20180519
Alibaba 20180518
ALYac 20180519
Antiy-AVL 20180519
Arcabit 20180519
Avast 20180519
Avast-Mobile 20180518
AVG 20180519
AVware 20180519
Babable 20180406
Baidu 20180518
BitDefender 20180519
Bkav 20180518
ClamAV 20180518
CMC 20180518
CrowdStrike Falcon (ML) 20180418
Cybereason None
Cylance 20180519
Cyren 20180519
DrWeb 20180519
eGambit 20180519
Emsisoft 20180519
Endgame 20180507
ESET-NOD32 20180518
F-Prot 20180519
F-Secure 20180519
Fortinet 20180519
GData 20180519
Sophos ML 20180503
Jiangmin 20180519
K7AntiVirus 20180518
K7GW 20180518
Kingsoft 20180519
Malwarebytes 20180519
McAfee 20180519
McAfee-GW-Edition 20180518
eScan 20180518
NANO-Antivirus 20180519
nProtect 20180519
Palo Alto Networks (Known Signatures) 20180519
Panda 20180518
Rising 20180518
SentinelOne (Static ML) 20180225
Sophos AV 20180518
SUPERAntiSpyware 20180518
Symantec Mobile Insight 20180518
TheHacker 20180516
TotalDefense 20180518
TrendMicro-HouseCall 20180518
Trustlook 20180519
VBA32 20180518
VIPRE 20180518
ViRobot 20180518
Webroot 20180519
Yandex 20180518
Zillya 20180516
Zoner 20180518
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
SWF Properties
SWF version
32
Frame size
600.0x440.0 px
Frame count
1
Duration
0.033 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
0
Total SWF tags
8
ActionScript 3 Packages
flash.display
flash.events
flash.net
flash.system
flash.utils
ExifTool file metadata
MIMEType
application/x-shockwave-flash

ImageSize
600x440

FileType
SWF

Megapixels
0.264

FrameRate
30

FlashVersion
32

FileTypeExtension
swf

Compressed
False

ImageWidth
600

Duration
0.03 s

FlashAttributes
UseNetwork, ActionScript3, HasMetadata

FrameCount
1

ImageHeight
440

PCAP parents
File identification
MD5 40b9ab78d801d45ecd1e20e336f70ff2
SHA1 cd03683159c559e04339cb150ea474d1865a8584
SHA256 353d43559eef91a2a533d897721a68261b43a5f84bb59d6372bdfac0ce57b826
ssdeep
384:Ar+3gV+cRFJxtG6uEdQiZBaQ8LSQsFJE67V7PvQTzMutIh4n:M+3gV+oBHAWBFSWDvyzihC

File size 20.6 KB ( 21139 bytes )
File type Flash
Magic literal
Macromedia Flash data, version 32

TrID Macromedia Flash Player Movie (100.0%)
Tags
flash exploit cve-2016-4117

VirusTotal metadata
First submission 2017-01-08 23:12:42 UTC ( 1 year, 4 months ago )
Last submission 2018-05-19 01:01:12 UTC ( 4 days, 17 hours ago )
File names s_f_2.swf
%3f947545190441&id=225
sa72_2017-01-06T20.54.50+0100_10.1.6.104-49186_188.165.163.226-80_40b9ab78d801d45ecd1e20e336f70ff2_7.swf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!