SHA256: 55eea72f4fdf639987fc80789040dc1e98091c4adf8f30aebaba86d15f3aae06
File name: .BC.T_4WmsTm
Detection ratio: 35 / 58
Analysis date: 2019-01-22 19:10:44 UTC ( 3 hours, 29 minutes ago )
Antivirus Result Update
Ad-Aware Script.SWF.CVE-2015-5122++.C179 20190122
AhnLab-V3 SWF/Exploit 20190122
ALYac Script.SWF.CVE-2015-5122++.C179 20190122
Antiy-AVL Trojan[Exploit]/SWF.CVE-2015-5122 20190122
Arcabit Script.SWF.CVE-2015-5122++.C179 20190122
Avast SWF:Agent-EZ [Expl] 20190122
AVG SWF:Agent-EZ [Expl] 20190122
Avira (no cloud) EXP/CVE-2015-5122.D.Gen 20190122
BitDefender Script.SWF.CVE-2015-5122++.C179 20190122
CAT-QuickHeal Exp.SWF.CVE-2015-5122.A 20190122
ClamAV Swf.Exploit.Generic-1585 20190122
Comodo Malware@#17x8rxbdoyyl4 20190122
Cyren SWF/Exploit 20190122
DrWeb Exploit.SWF.1192 20190122
ESET-NOD32 a variant of SWF/Exploit.ExKit.ABX 20190122
F-Prot SWF/Exploit 20190122
F-Secure Script.SWF.CVE-2015-5122++.C179 20190122
GData Script.SWF.CVE-2015-5122++.C179 20190122
Ikarus Trojan.SWF.Exploit 20190122
Kaspersky HEUR:Exploit.SWF.Generic 20190122
MAX malware (ai score=100) 20190122
McAfee Exploit-CVE2015-5122 20190122
McAfee-GW-Edition BehavesLike.Flash.Exploit.mg 20190122
Microsoft Trojan:Win32/Skeeyah.A!rfn 20190122
eScan Script.SWF.CVE-2015-5122++.C179 20190122
Qihoo-360 swf.exp.msf.a 20190122
Rising Exploit.SWFGen!1.AA1B (CLASSIC) 20190122
Sophos AV Troj/SWFExp-LD 20190122
Symantec Trojan.Gen.2 20190122
Tencent Win32.Exploit.Generic.Gby 20190122
TrendMicro SWF_CVE20155122.H 20190122
TrendMicro-HouseCall SWF_CVE20155122.H 20190122
ViRobot SWF.Z.Cve-2015-5122.43233 20190122
Zillya Exploit.Generic.Script.1 20190122
ZoneAlarm by Check Point HEUR:Exploit.SWF.Generic 20190122
Acronis 20190119
AegisLab 20190122
Alibaba 20180921
Avast-Mobile 20190122
Babable 20180918
Baidu 20190122
Bkav 20190122
CMC 20190122
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190122
eGambit 20190122
Emsisoft 20190122
Endgame 20181108
Fortinet 20190122
Sophos ML 20181128
Jiangmin 20190122
K7AntiVirus 20190122
K7GW 20190122
Kingsoft 20190122
Malwarebytes 20190122
NANO-Antivirus 20190122
Palo Alto Networks (Known Signatures) 20190122
Panda 20190122
SentinelOne (Static ML) 20190118
SUPERAntiSpyware 20190116
TACHYON 20190122
TheHacker 20190118
TotalDefense 20190122
Trapmine 20190103
Trustlook 20190122
VBA32 20190122
VIPRE 20190122
Webroot 20190122
Yandex 20190122
Zoner 20190122
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3. Some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate Flash files may also use it to implement rich content and animations.
Contains ActionScript code to request and retrieve content from Internet URLs.
The studied SWF file makes use of the loadBytes ActionScript3 functionality, commonly used to load other files and arbitrary code at runtime.
The studied SWF file performs environment identification.
The flash file uses methods of the ExternalInterface class to communicate with the external host of the Flash plugin, such as the web browser.
SWF Properties
SWF version
29
Compression
zlib
Frame size
800.0x600.0 px
Frame count
1
Duration
0.033 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
2
Total SWF tags
42
ActionScript 3 Packages
flash.display
flash.events
flash.external
flash.net
flash.system
flash.text
flash.text.engine
flash.utils
mx.core
mx.events
mx.managers
mx.modules
mx.resources
mx.utils
SWF metadata
Suspicious strings
ExifTool file metadata
MIMEType
application/x-shockwave-flash

Publisher
unknown

Megapixels
0.48

Description
http://www.adobe.com/products/flex

Language
EN

Format
application/x-shockwave-flash

FlashAttributes
UseNetwork, ActionScript3, HasMetadata

Title
Adobe Flex 4 Application

FrameRate
30

FlashVersion
29

Duration
0.03 s

Creator
unknown

FileTypeExtension
swf

Compressed
True

ImageWidth
800

Date
Jul 16, 2015

ImageHeight
600

Warning
[minor] Fixed incorrect URI for xmlns:dc

FileType
SWF

FrameCount
1

ImageSize
800x600

File identification
MD5 02ea4ef6390955b051721eaf97a81d01
SHA1 589cbcf450473cfd64c22b6aa5523580113dd56c
SHA256 55eea72f4fdf639987fc80789040dc1e98091c4adf8f30aebaba86d15f3aae06
ssdeep
768:7u5jC48X4HOMwfkzQcIXc2jBesNpMPnT4iz75Ox52jjgqbOMUdAny2t:SNj8XodNQcicc9rMP8075EAjyMUuyq

File size 42.2 KB ( 43233 bytes )
File type Flash
Magic literal
Macromedia Flash data (compressed), version 29

TrID Macromedia Flash Player Compressed Movie (100.0%)
Tags
zlib cve-2015-5122 flash capabilities exploit ext-interface loadbytes

VirusTotal metadata
First submission 2015-07-19 10:29:26 UTC ( 3 years, 6 months ago )
Last submission 2018-12-08 19:44:35 UTC ( 1 month, 2 weeks ago )
File names .BC.T_4WmsTm