SHA256: 55eea72f4fdf639987fc80789040dc1e98091c4adf8f30aebaba86d15f3aae06
File name: .BC.T_GmWbIH
Detection ratio: 37 / 58
Analysis date: 2019-04-26 00:59:36 UTC ( 12 hours, 43 minutes ago )
Antivirus Result Update
Ad-Aware Script.SWF.CVE-2015-5122++.C179 20190426
AegisLab Hacktool.SWF.Generic.3!c 20190425
AhnLab-V3 SWF/Exploit 20190425
ALYac Script.SWF.CVE-2015-5122++.C179 20190425
Antiy-AVL Trojan[Exploit]/SWF.CVE-2015-5122 20190425
Arcabit Script.SWF.CVE-2015-5122++.C179 20190425
Avast SWF:Agent-EZ [Expl] 20190425
AVG SWF:Agent-EZ [Expl] 20190425
Avira (no cloud) EXP/CVE-2015-5122.D.Gen 20190426
BitDefender Script.SWF.CVE-2015-5122++.C179 20190425
CAT-QuickHeal Exp.SWF.CVE-2015-5122.A 20190425
ClamAV Swf.Exploit.Generic-1585 20190425
Comodo Malware@#17x8rxbdoyyl4 20190426
Cyren SWF/Exploit 20190425
DrWeb Exploit.SWF.1192 20190425
ESET-NOD32 a variant of SWF/Exploit.ExKit.ABX 20190426
F-Prot SWF/Exploit 20190425
F-Secure Exploit.EXP/CVE-2015-5122.D.Gen 20190425
FireEye Script.SWF.CVE-2015-5122++.C179 20190426
Fortinet SWF/CVE_2015_5122.D!exploit 20190425
GData Script.SWF.CVE-2015-5122++.C179 20190425
Ikarus Trojan.SWF.Exploit 20190425
Kaspersky HEUR:Exploit.SWF.Generic 20190426
MAX malware (ai score=100) 20190426
McAfee Exploit-CVE2015-5122 20190426
McAfee-GW-Edition BehavesLike.Flash.Exploit.mg 20190425
Microsoft Trojan:Win32/Skeeyah.A!rfn 20190426
eScan Script.SWF.CVE-2015-5122++.C179 20190426
Qihoo-360 swf.exp.msf.a 20190426
Rising Exploit.SWFGen!1.AA1B (CLASSIC) 20190426
Sophos AV Troj/SWFExp-LD 20190426
Symantec Trojan.Gen.2 20190425
Tencent Win32.Exploit.Generic.Gby 20190426
TrendMicro SWF_CVE20155122.H 20190426
TrendMicro-HouseCall SWF_CVE20155122.H 20190426
Zillya Exploit.Generic.Script.1 20190424
ZoneAlarm by Check Point HEUR:Exploit.SWF.Generic 20190425
Acronis 20190425
Alibaba 20190425
Avast-Mobile 20190425
Babable 20190424
Baidu 20190318
Bkav 20190425
CMC 20190321
CrowdStrike Falcon (ML) 20190212
Cybereason 20190417
Cylance 20190426
eGambit 20190426
Emsisoft 20190425
Endgame 20190403
Sophos ML 20190313
Jiangmin 20190425
K7AntiVirus 20190425
K7GW 20190426
Kingsoft 20190426
Malwarebytes 20190426
NANO-Antivirus 20190426
Palo Alto Networks (Known Signatures) 20190426
Panda 20190425
SentinelOne (Static ML) 20190420
SUPERAntiSpyware 20190423
Symantec Mobile Insight 20190418
TACHYON 20190426
TheHacker 20190421
TotalDefense 20190425
Trapmine 20190325
Trustlook 20190426
VBA32 20190425
ViRobot 20190425
Webroot 20190426
Yandex 20190425
Zoner 20190426
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3. Some exploits targeting the ActionScript Virtual Machine have been found in the past, and ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate Flash files may also use it to implement rich content and animations.
Contains ActionScript code to request and retrieve content from Internet URLs.
The studied SWF file makes use of the loadBytes ActionScript3 functionality, commonly used to load other files and arbitrary code at runtime.
The studied SWF file performs environment identification.
The flash file uses methods of the ExternalInterface class to communicate with the external host of the Flash plugin, such as the web browser.
SWF Properties
SWF version: 29
Compression: zlib
Frame size: 800.0x600.0 px
Frame count: 1
Duration: 0.033 seconds
File attributes: HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags: 2
Total SWF tags: 42
ActionScript 3 Packages
flash.display
flash.events
flash.external
flash.net
flash.system
flash.text
flash.text.engine
flash.utils
mx.core
mx.events
mx.managers
mx.modules
mx.resources
mx.utils
SWF metadata
Suspicious strings
ExifTool file metadata
MIMEType: application/x-shockwave-flash
Publisher: unknown
Megapixels: 0.48
Description: http://www.adobe.com/products/flex
Language: EN
Format: application/x-shockwave-flash
FlashAttributes: UseNetwork, ActionScript3, HasMetadata
Title: Adobe Flex 4 Application
FrameRate: 30
FlashVersion: 29
Duration: 0.03 s
Creator: unknown
FileTypeExtension: swf
Compressed: True
ImageWidth: 800
Date: Jul 16, 2015
ImageHeight: 600
Warning: [minor] Fixed incorrect URI for xmlns:dc
FileType: SWF
FrameCount: 1
ImageSize: 800x600

File identification
MD5: 02ea4ef6390955b051721eaf97a81d01
SHA1: 589cbcf450473cfd64c22b6aa5523580113dd56c
SHA256: 55eea72f4fdf639987fc80789040dc1e98091c4adf8f30aebaba86d15f3aae06
ssdeep: 768:7u5jC48X4HOMwfkzQcIXc2jBesNpMPnT4iz75Ox52jjgqbOMUdAny2t:SNj8XodNQcicc9rMP8075EAjyMUuyq
File size: 42.2 KB ( 43233 bytes )
File type: Flash
Magic literal: Macromedia Flash data (compressed), version 29
TrID: Macromedia Flash Player Compressed Movie (100.0%)
Tags: zlib cve-2015-5122 flash capabilities exploit ext-interface loadbytes

VirusTotal metadata
First submission 2015-07-19 10:29:26 UTC ( 3 years, 9 months ago )
Last submission 2018-12-08 19:44:35 UTC ( 4 months, 2 weeks ago )
File names .BC.T_4WmsTm
GMk09YhRHFYC.swf
CVE-2015-5122.swf
1kT2MFW3wg12.swf
oiuhygnjda.swf
hs.swf
msf.swf.log
p9YFjJhORINX.swf
yxaX.swf
msf.swf
ai0HHKyQ8DNK.swf
qMkffQ3QPIsJ.swf
ddMeC17kz0M6.swf
xfldK.swf
upFYQOOEdV2Q.swf
kqhmJCqcCjAl.swf
.BC.T_GmWbIH
ROOBaCIKNTnP.swf
ODSX.swf
DgfmWO.swf