× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 353d43559eef91a2a533d897721a68261b43a5f84bb59d6372bdfac0ce57b826
File name: %3f947545190441&id=225
Detection ratio: 24 / 58
Analysis date: 2017-09-28 14:34:46 UTC ( 2 weeks, 5 days ago )
Antivirus Result Update
Ad-Aware Script.SWF.C326 20170928
AegisLab Exploit.Swf.Agent!c 20170928
AhnLab-V3 SWF/Agent 20170928
Arcabit Script.SWF.C326 20170928
Avast SWF:Malware-gen [Trj] 20170928
AVG SWF:Malware-gen [Trj] 20170928
Avira (no cloud) EXP/CVE-2016-4117.D.Gen 20170928
BitDefender Script.SWF.C326 20170928
CAT-QuickHeal SWF.GenSusp.A 20170928
Comodo UnclassifiedMalware 20170928
Cyren SWF/Trojan.VJAH-1 20170928
Emsisoft Script.SWF.C326 (B) 20170928
F-Secure Script.SWF.C326 20170928
GData Script.SWF.C326 20170928
Ikarus SWF.Script.C332 20170928
Kaspersky HEUR:Exploit.SWF.Agent.gen 20170928
MAX malware (ai score=83) 20170928
Microsoft VirTool:SWF/Injector.E 20170928
eScan Script.SWF.C326 20170928
Qihoo-360 swf.exp.shellcode.a 20170928
Symantec Trojan.Gen.6 20170928
Tencent Win32.Exploit.Agent.Pbzd 20170928
TrendMicro HEUR_SWFSC.B 20170928
ZoneAlarm by Check Point HEUR:Exploit.SWF.Agent.gen 20170928
Alibaba 20170911
Antiy-AVL 20170928
Avast-Mobile 20170928
AVware 20170928
Baidu 20170928
ClamAV 20170928
CMC 20170928
CrowdStrike Falcon (ML) 20170804
Cylance 20170928
DrWeb 20170928
Endgame 20170821
ESET-NOD32 20170928
F-Prot 20170928
Fortinet 20170928
Sophos ML 20170914
Jiangmin 20170928
K7AntiVirus 20170928
K7GW 20170928
Kingsoft 20170928
Malwarebytes 20170928
McAfee 20170928
McAfee-GW-Edition 20170928
NANO-Antivirus 20170928
nProtect 20170928
Palo Alto Networks (Known Signatures) 20170928
Panda 20170928
Rising 20170928
SentinelOne (Static ML) 20170806
Sophos AV 20170928
SUPERAntiSpyware 20170928
Symantec Mobile Insight 20170928
TheHacker 20170925
TotalDefense 20170928
TrendMicro-HouseCall 20170928
Trustlook 20170928
VBA32 20170928
VIPRE 20170928
ViRobot 20170928
Webroot 20170928
WhiteArmor 20170927
Yandex 20170908
Zillya 20170928
Zoner 20170928
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
SWF Properties
SWF version
32
Frame size
600.0x440.0 px
Frame count
1
Duration
0.033 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
0
Total SWF tags
8
ActionScript 3 Packages
flash.display
flash.events
flash.net
flash.system
flash.utils
ExifTool file metadata
MIMEType
application/x-shockwave-flash

ImageSize
600x440

FileType
SWF

Megapixels
0.264

FrameRate
30

FlashVersion
32

FileTypeExtension
swf

Compressed
False

ImageWidth
600

Duration
0.03 s

FlashAttributes
UseNetwork, ActionScript3, HasMetadata

FrameCount
1

ImageHeight
440

PCAP parents
File identification
MD5 40b9ab78d801d45ecd1e20e336f70ff2
SHA1 cd03683159c559e04339cb150ea474d1865a8584
SHA256 353d43559eef91a2a533d897721a68261b43a5f84bb59d6372bdfac0ce57b826
ssdeep
384:Ar+3gV+cRFJxtG6uEdQiZBaQ8LSQsFJE67V7PvQTzMutIh4n:M+3gV+oBHAWBFSWDvyzihC

File size 20.6 KB ( 21139 bytes )
File type Flash
Magic literal
Macromedia Flash data, version 32

TrID Macromedia Flash Player Movie (100.0%)
Tags
flash exploit cve-2016-4117

VirusTotal metadata
First submission 2017-01-08 23:12:42 UTC ( 9 months, 1 week ago )
Last submission 2017-09-28 14:34:46 UTC ( 2 weeks, 5 days ago )
File names s_f_2.swf
%3f947545190441&id=225
sa72_2017-01-06T20.54.50+0100_10.1.6.104-49186_188.165.163.226-80_40b9ab78d801d45ecd1e20e336f70ff2_7.swf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!