× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 353d43559eef91a2a533d897721a68261b43a5f84bb59d6372bdfac0ce57b826
File name: sa72_2017-01-06T20.54.50+0100_10.1.6.104-49186_188.165.163.226-80...
Detection ratio: 23 / 57
Analysis date: 2017-06-24 00:47:19 UTC ( 1 month, 3 weeks ago )
Antivirus Result Update
Ad-Aware Script.SWF.C374 20170623
AegisLab Exploit.Swf.Agent!c 20170623
AhnLab-V3 SWF/Agent 20170623
ALYac Script.SWF.C374 20170623
Arcabit Script.SWF.C374 20170623
Avast SWF:Malware-gen [Trj] 20170624
AVG SWF:Malware-gen [Trj] 20170624
Avira (no cloud) EXP/CVE-2016-4117.D.Gen 20170623
BitDefender Script.SWF.C374 20170623
CAT-QuickHeal SWF.GenSusp.A 20170623
Cyren SWF/Trojan.VJAH-1 20170623
Emsisoft Script.SWF.C374 (B) 20170623
F-Secure Script.SWF.C374 20170623
GData Script.SWF.C374 20170623
Ikarus Virus.SWF.Injector 20170623
Kaspersky HEUR:Exploit.SWF.Agent.gen 20170624
Microsoft VirTool:SWF/Injector.E 20170624
eScan Script.SWF.C374 20170623
Qihoo-360 swf.exp.shellcode.a 20170624
Symantec Trojan.Gen.6 20170623
Tencent Win32.Exploit.Agent.Pbzd 20170624
TrendMicro HEUR_SWFSC.B 20170623
ZoneAlarm by Check Point HEUR:Exploit.SWF.Agent.gen 20170623
Alibaba 20170623
Antiy-AVL 20170624
AVware 20170623
Baidu 20170623
Bkav 20170623
ClamAV 20170623
CMC 20170619
Comodo 20170624
CrowdStrike Falcon (ML) 20170420
DrWeb 20170623
Endgame 20170615
ESET-NOD32 20170624
F-Prot 20170623
Fortinet 20170623
Sophos ML 20170607
Jiangmin 20170623
K7AntiVirus 20170623
K7GW 20170623
Kingsoft 20170624
Malwarebytes 20170623
McAfee 20170623
McAfee-GW-Edition 20170623
NANO-Antivirus 20170623
nProtect 20170623
Palo Alto Networks (Known Signatures) 20170624
Panda 20170623
Rising 20170619
SentinelOne (Static ML) 20170516
Sophos AV 20170623
SUPERAntiSpyware 20170623
Symantec Mobile Insight 20170623
TheHacker 20170623
TotalDefense 20170623
TrendMicro-HouseCall 20170624
Trustlook 20170624
VBA32 20170623
VIPRE 20170624
ViRobot 20170623
Webroot 20170624
WhiteArmor 20170616
Yandex 20170623
Zillya 20170623
Zoner 20170624
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
SWF Properties
SWF version
32
Frame size
600.0x440.0 px
Frame count
1
Duration
0.033 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
0
Total SWF tags
8
ActionScript 3 Packages
flash.display
flash.events
flash.net
flash.system
flash.utils
ExifTool file metadata
MIMEType
application/x-shockwave-flash

ImageSize
600x440

FileType
SWF

Megapixels
0.264

FrameRate
30

FlashVersion
32

FileTypeExtension
swf

Compressed
False

ImageWidth
600

Duration
0.03 s

FlashAttributes
UseNetwork, ActionScript3, HasMetadata

FrameCount
1

ImageHeight
440

PCAP parents
File identification
MD5 40b9ab78d801d45ecd1e20e336f70ff2
SHA1 cd03683159c559e04339cb150ea474d1865a8584
SHA256 353d43559eef91a2a533d897721a68261b43a5f84bb59d6372bdfac0ce57b826
ssdeep
384:Ar+3gV+cRFJxtG6uEdQiZBaQ8LSQsFJE67V7PvQTzMutIh4n:M+3gV+oBHAWBFSWDvyzihC

File size 20.6 KB ( 21139 bytes )
File type Flash
Magic literal
Macromedia Flash data, version 32

TrID Macromedia Flash Player Movie (100.0%)
Tags
flash exploit cve-2016-4117

VirusTotal metadata
First submission 2017-01-08 23:12:42 UTC ( 7 months, 1 week ago )
Last submission 2017-01-11 20:20:57 UTC ( 7 months ago )
File names s_f_2.swf
sa72_2017-01-06T20.54.50+0100_10.1.6.104-49186_188.165.163.226-80_40b9ab78d801d45ecd1e20e336f70ff2_7.swf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!