× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 506a3f2883d2160a0c0fe43fee06f400804526ae36bb6f66b9ba16b9577cba73
File name: 2015-04-25-Nuclear-EK-Flash-Exploit.swf
Detection ratio: 4 / 57
Analysis date: 2015-04-26 21:58:42 UTC ( 2 years, 7 months ago ) View latest
Antivirus Result Update
DrWeb Exploit.SWF.434 20150426
McAfee SWF/Exploit-Anogre.b 20150426
McAfee-GW-Edition SWF/Exploit-Anogre.b 20150426
TrendMicro-HouseCall Suspicious_GEN.F47V0423 20150426
Ad-Aware 20150426
AegisLab 20150426
Yandex 20150426
AhnLab-V3 20150426
Alibaba 20150426
ALYac 20150426
Antiy-AVL 20150426
Avast 20150426
AVG 20150426
Avira (no cloud) 20150426
AVware 20150426
Baidu-International 20150426
BitDefender 20150426
Bkav 20150425
ByteHero 20150426
CAT-QuickHeal 20150425
ClamAV 20150426
CMC 20150423
Comodo 20150426
Cyren 20150426
Emsisoft 20150426
ESET-NOD32 20150426
F-Prot 20150426
F-Secure 20150426
Fortinet 20150426
GData 20150426
Ikarus 20150426
Jiangmin 20150426
K7AntiVirus 20150426
K7GW 20150426
Kaspersky 20150426
Kingsoft 20150426
Malwarebytes 20150426
Microsoft 20150426
eScan 20150426
NANO-Antivirus 20150426
Norman 20150426
nProtect 20150424
Panda 20150424
Qihoo-360 20150426
Rising 20150426
Sophos AV 20150426
SUPERAntiSpyware 20150425
Symantec 20150426
Tencent 20150426
TheHacker 20150426
TotalDefense 20150426
TrendMicro 20150426
VBA32 20150426
VIPRE 20150426
ViRobot 20150426
Zillya 20150426
Zoner 20150424
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
The studied SWF file makes use of the loadBytes ActionScript3 functionality, commonly used to load other files and arbitrary code at runtime.
SWF Properties
SWF version
28
Compression
lzma
Frame size
500.0x375.0 px
Frame count
1
Duration
0.042 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
0
Total SWF tags
9
ActionScript 3 Packages
flash.display
flash.events
flash.external
flash.system
flash.utils
SWF metadata
PCAP parents
File identification
MD5 e98158dc5382d7c5616b95a6ff20dfdf
SHA1 6dab0a9d9c543c5db42ae5a6b679f0e7067798e4
SHA256 506a3f2883d2160a0c0fe43fee06f400804526ae36bb6f66b9ba16b9577cba73
ssdeep
384:njVcLNG5xV3GtcSMS2TxCu6mXOz1kXH0ANWLbN:jVcL+V3GySM/Q4xHtNSp

File size 13.3 KB ( 13615 bytes )
File type Flash
Magic literal
data

TrID Unknown!
Tags
lzma flash loadbytes

VirusTotal metadata
First submission 2015-04-21 05:23:00 UTC ( 2 years, 7 months ago )
Last submission 2015-12-15 19:09:49 UTC ( 1 year, 11 months ago )
File names NukeEKFlash1
flash
506a3f2883d2160a0c0fe43fee06f400804526ae36bb6f66b9ba16b9577cba73.swf
f702
2015-04-25-Nuclear-EK-Flash-Exploit.swf
0c5c.swf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!