× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 689ebbad65eabfc2453d9d08f527d87e2196773da114ac86db9844c408ec29d6
File name: 2015-05-02-RIG-EK-Flash-Exploit.swf
Detection ratio: 5 / 56
Analysis date: 2015-05-02 18:05:15 UTC ( 2 years, 6 months ago ) View latest
Antivirus Result Update
GData SWF.Trojan.Agent.BYQTVL 20150502
Kaspersky HEUR:Exploit.SWF.Agent.gen 20150502
McAfee-GW-Edition BehavesLike.Flash.Exploit.mg 20150502
Symantec Exp.CVE-2015-0313 20150502
TrendMicro-HouseCall Suspicious_GEN.F47V0502 20150502
Ad-Aware 20150502
AegisLab 20150502
Yandex 20150502
AhnLab-V3 20150502
Alibaba 20150502
ALYac 20150516
Antiy-AVL 20150502
Avast 20150502
AVG 20150502
Avira (no cloud) 20150502
AVware 20150502
Baidu-International 20150502
BitDefender 20150502
Bkav 20150425
ByteHero 20150502
CAT-QuickHeal 20150502
ClamAV 20150516
CMC 20150501
Comodo 20150502
Cyren 20150502
DrWeb 20150502
Emsisoft 20150516
ESET-NOD32 20150502
F-Prot 20150502
F-Secure 20150502
Fortinet 20150502
Ikarus 20150502
Jiangmin 20150430
K7AntiVirus 20150502
K7GW 20150502
Kingsoft 20150516
McAfee 20150502
Microsoft 20150502
eScan 20150502
NANO-Antivirus 20150502
Norman 20150502
nProtect 20150430
Panda 20150502
Qihoo-360 20150516
Rising 20150502
Sophos AV 20150502
SUPERAntiSpyware 20150502
Tencent 20150502
TheHacker 20150501
TotalDefense 20150430
TrendMicro 20150502
VBA32 20150501
VIPRE 20150502
ViRobot 20150502
Zillya 20150501
Zoner 20150430
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
The studied SWF file performs environment identification.
SWF Properties
SWF version
18
Compression
zlib
Frame size
1.0x1.0 px
Frame count
1
Duration
0.042 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
1
Total SWF tags
13
ActionScript 3 Packages
flash.display
flash.events
flash.net
flash.system
flash.utils
mx.core
SWF metadata
ExifTool file metadata
MIMEType
application/x-shockwave-flash

ImageSize
1x1

FileType
SWF

Megapixels
1e-06

FrameRate
24

FlashVersion
18

FileTypeExtension
swf

Compressed
True

ImageWidth
1

Duration
0.04 s

FlashAttributes
UseNetwork, ActionScript3, HasMetadata

FrameCount
1

ImageHeight
1

File identification
MD5 6345fd1fdd0e6f007103996b2c2ef252
SHA1 5e1f39f8883074bb674dcc320cf8451db7f796ec
SHA256 689ebbad65eabfc2453d9d08f527d87e2196773da114ac86db9844c408ec29d6
ssdeep
192:Oz3IGCA9yI35n77YRCeKzsT5AU5rbPDcMoHQiEWm2RJOcfSV3+7tuiPwVqE:PGCA9335nUCpyb7zoHPm2POcK3as3qE

File size 12.9 KB ( 13174 bytes )
File type Flash
Magic literal
Macromedia Flash data (compressed), version 18

TrID Macromedia Flash Player Compressed Movie (100.0%)
Tags
flash cve-2015-0359 zlib capabilities exploit cve-2015-0313

VirusTotal metadata
First submission 2015-05-02 05:38:36 UTC ( 2 years, 6 months ago )
Last submission 2015-12-07 01:33:07 UTC ( 1 year, 11 months ago )
File names 689ebbad65eabfc2453d9d08f527d87e2196773da114ac86db9844c408ec29d6.swf
2015-05-02-RIG-EK-Flash-Exploit.swf
secure_out.swf
test.swf]
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!