× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 3a4d66f9efdf1b69dacc9bff7eba6a09a13f3953ca6028b29dbc58ac3b010aac
File name: Spartan_66f34cd7ef06a78df552d18c729ae53c.swf
Detection ratio: 0 / 54
Analysis date: 2015-11-12 23:32:56 UTC ( 3 years, 2 months ago ) View latest
Antivirus Result Update
AegisLab 20151112
Yandex 20151112
AhnLab-V3 20151112
Alibaba 20151112
ALYac 20151112
Antiy-AVL 20151112
Arcabit 20151112
Avast 20151112
AVG 20151112
Avira (no cloud) 20151112
AVware 20151112
Baidu-International 20151112
BitDefender 20151112
ByteHero 20151113
CAT-QuickHeal 20151112
ClamAV 20151112
CMC 20151112
Comodo 20151112
Cyren 20151112
DrWeb 20151112
Emsisoft 20151112
ESET-NOD32 20151112
F-Prot 20151112
F-Secure 20151112
Fortinet 20151112
GData 20151112
Ikarus 20151112
Jiangmin 20151112
K7AntiVirus 20151112
K7GW 20151112
Kaspersky 20151112
Malwarebytes 20151112
McAfee 20151112
McAfee-GW-Edition 20151112
Microsoft 20151112
eScan 20151112
NANO-Antivirus 20151112
nProtect 20151112
Panda 20151112
Qihoo-360 20151113
Rising 20151112
Sophos AV 20151112
SUPERAntiSpyware 20151112
Symantec 20151112
Tencent 20151113
TheHacker 20151110
TotalDefense 20151112
TrendMicro 20151112
TrendMicro-HouseCall 20151112
VBA32 20151112
VIPRE 20151112
ViRobot 20151113
Zillya 20151112
Zoner 20151112
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
Opens or replaces a window in the application that contains the Flash Player container with the contents of a given URL using the navigateToURL ActionScript function.
Contains ActionScript code to request and retrieve content from Internet URLs.
The studied SWF file makes use of the loadBytes ActionScript3 functionality, commonly used to load other files and arbitrary code at runtime.
SWF Properties
SWF version
14
Compression
zlib
Frame size
300.0x250.0 px
Frame count
1
Duration
0.042 seconds
File attributes
ActionScript3, UseNetwork
Unrecognized SWF tags
0
Total SWF tags
14
ActionScript 3 Packages
adobe.utils
flash.accessibility
flash.desktop
flash.display
flash.errors
flash.events
flash.external
flash.filters
flash.geom
flash.globalization
flash.media
flash.net
flash.net.drm
flash.printing
flash.profiler
flash.sampler
flash.sensors
flash.system
flash.text
flash.text.engine
flash.text.ime
flash.ui
flash.utils
flash.xml
ExifTool file metadata
MIMEType
application/x-shockwave-flash

ImageSize
300x250

FileType
SWF

Megapixels
0.075

FrameRate
24

FlashVersion
14

FileTypeExtension
swf

Compressed
True

ImageWidth
300

Duration
0.04 s

FlashAttributes
UseNetwork, ActionScript3

FrameCount
1

ImageHeight
250

File identification
MD5 66f34cd7ef06a78df552d18c729ae53c
SHA1 92bc3316b553b366c227bb1e2e4bbd19605b670b
SHA256 3a4d66f9efdf1b69dacc9bff7eba6a09a13f3953ca6028b29dbc58ac3b010aac
ssdeep
384:B5wP7m4jdCXtc5yrv27JMQdhZphQBiK6+NiF93:BC7djdCXt6CGJ/ZphQBDkf3

File size 14.7 KB ( 15012 bytes )
File type Flash
Magic literal
Macromedia Flash data (compressed), version 14

TrID Macromedia Flash Player Compressed Movie (100.0%)
Tags
flash exploit zlib loadbytes cve-2015-7645

VirusTotal metadata
First submission 2015-11-12 23:32:56 UTC ( 3 years, 2 months ago )
Last submission 2018-07-13 09:47:59 UTC ( 6 months, 1 week ago )
File names 66f34cd7ef06a78df552d18c729ae53c.swf
83283175
output.83283175.txt
3a4d66f9efdf1b69dacc9bff7eba6a09a13f3953ca6028b29dbc58ac3b010aac
5d02fcf75f8bbde6dda3fe1217a92355473f2a6f
Spartan_66f34cd7ef06a78df552d18c729ae53c.swf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!