× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 65b2b38b0b07b856385a507491e3b2616b6b9e6226b58497cac57213e93155d5
File name: vti-rescan
Detection ratio: 4 / 54
Analysis date: 2016-11-13 10:11:51 UTC ( 2 years, 3 months ago )
Antivirus Result Update
Antiy-AVL Trojan[Exploit]/SWF.CVE-2013-0634.A 20161113
DrWeb Exploit.SWF.299 20161113
F-Secure Exploit:SWF/Salama.E 20161113
Jiangmin Exploit.SWF.i 20161113
Ad-Aware 20161113
AegisLab 20161113
AhnLab-V3 20161112
Alibaba 20161110
ALYac 20161113
Arcabit 20161113
Avast 20161113
AVG 20161113
Avira (no cloud) 20161113
AVware 20161113
Baidu 20161111
BitDefender 20161113
Bkav 20161112
CAT-QuickHeal 20161112
ClamAV 20161113
CMC 20161113
Comodo 20161113
CrowdStrike Falcon (ML) 20161024
Cyren 20161113
Emsisoft 20161113
ESET-NOD32 20161112
F-Prot 20161113
Fortinet 20161113
GData 20161113
Ikarus 20161113
Sophos ML 20161018
K7AntiVirus 20161113
K7GW 20161113
Kaspersky 20161113
Kingsoft 20161113
Malwarebytes 20161113
McAfee 20161113
McAfee-GW-Edition 20161113
Microsoft 20161113
eScan 20161113
NANO-Antivirus 20161113
nProtect 20161113
Panda 20161112
Qihoo-360 20161113
Rising 20161113
Sophos AV 20161113
SUPERAntiSpyware 20161112
Symantec 20161113
Tencent 20161113
TheHacker 20161111
TotalDefense 20161113
TrendMicro 20161113
TrendMicro-HouseCall 20161113
VBA32 20161111
VIPRE 20161113
ViRobot 20161113
Yandex 20161112
Zillya 20161111
Zoner 20161113
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
The studied SWF file makes use of the loadBytes ActionScript3 functionality, commonly used to load other files and arbitrary code at runtime.
SWF Properties
SWF version
11
Compression
zlib
Frame size
500.0x375.0 px
Frame count
1
Duration
0.042 seconds
File attributes
ActionScript3, UseNetwork
Unrecognized SWF tags
1
Total SWF tags
21
ActionScript 3 Packages
adobe.utils
flash.accessibility
flash.display
flash.errors
flash.events
flash.external
flash.filters
flash.geom
flash.media
flash.net
flash.printing
flash.system
flash.text
flash.ui
flash.utils
flash.xml
ExifTool file metadata
MIMEType
application/x-shockwave-flash

ImageSize
500x375

FileType
SWF

Megapixels
0.188

FrameRate
24

FlashVersion
11

FileTypeExtension
swf

Compressed
True

ImageWidth
500

Duration
0.04 s

FlashAttributes
UseNetwork, ActionScript3

FrameCount
1

ImageHeight
375

File identification
MD5 9b3f38be2fee6a147ffd939fa2ad13e1
SHA1 5a676faefc608272e7434c224e3c29b21ce6de4b
SHA256 65b2b38b0b07b856385a507491e3b2616b6b9e6226b58497cac57213e93155d5
ssdeep
1536:wrrQeREpmarA0JNZheb8x9vyl5ruQHLGx/ustWUZS6l4u3z5:u8eREwibfTbgxuQaNWP6l7V

File size 60.9 KB ( 62411 bytes )
File type Flash
Magic literal
Macromedia Flash data (compressed), version 11

TrID Macromedia Flash Player Compressed Movie (100.0%)
Tags
flash exploit zlib loadbytes cve-2013-0634

VirusTotal metadata
First submission 2013-03-22 09:57:09 UTC ( 5 years, 11 months ago )
Last submission 2014-07-25 10:31:51 UTC ( 4 years, 7 months ago )
File names vti-rescan
2073b6f83ac7406230035840b6d30b27.swf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!