× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 6b046933a8f9140e2ade1037c2160cd0b58d459f158e06817061e1c03b511e9f
File name: 188.225.76.222 Flash exploit.swf
Detection ratio: 14 / 58
Analysis date: 2017-07-13 01:32:46 UTC ( 5 months, 1 week ago ) View latest
Antivirus Result Update
AhnLab-V3 SWF/RigEK.Gen 20170712
Antiy-AVL Trojan[Exploit]/SWF.SWF.Generic 20170713
Avast SWF:Agent-FV [Expl] 20170712
AVG SWF:Agent-FV [Expl] 20170712
Avira (no cloud) EXP/FLASH.Pubenush.AA.Gen 20170713
CAT-QuickHeal Exp.SWF.CVE-2015-5122.B 20170712
DrWeb Exploit.SWF.1232 20170713
ESET-NOD32 a variant of SWF/Exploit.ExKit.BHR 20170713
McAfee Exploit-swf.bx 20170713
McAfee-GW-Edition Exploit-swf.bx 20170712
Qihoo-360 swf.cve-2015-8651.rig.a 20170713
Rising Exploit.CVE-2015-8651!1.A595 (classic) 20170712
TrendMicro HEUR_SWFDEC.SC2 20170713
ZoneAlarm by Check Point HEUR:Exploit.SWF.Generic 20170713
Ad-Aware 20170712
AegisLab 20170713
Alibaba 20170712
ALYac 20170713
Arcabit 20170713
AVware 20170712
Baidu 20170712
BitDefender 20170712
Bkav 20170713
ClamAV 20170712
CMC 20170712
Comodo 20170712
CrowdStrike Falcon (ML) 20170420
Cylance 20170713
Cyren 20170713
Emsisoft 20170713
Endgame 20170706
F-Prot 20170712
F-Secure 20170712
Fortinet 20170629
GData 20170713
Ikarus 20170712
Sophos ML 20170607
Jiangmin 20170712
K7AntiVirus 20170712
K7GW 20170712
Kaspersky 20170712
Kingsoft 20170713
Malwarebytes 20170712
MAX 20170712
Microsoft 20170712
eScan 20170712
NANO-Antivirus 20170713
nProtect 20170712
Palo Alto Networks (Known Signatures) 20170713
Panda 20170712
SentinelOne (Static ML) 20170516
Sophos AV 20170713
SUPERAntiSpyware 20170713
Symantec 20170712
Symantec Mobile Insight 20170712
Tencent 20170713
TheHacker 20170712
TrendMicro-HouseCall 20170713
Trustlook 20170713
VBA32 20170712
VIPRE 20170713
ViRobot 20170712
Webroot 20170713
WhiteArmor 20170713
Yandex 20170712
Zillya 20170712
Zoner 20170713
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
The studied SWF file performs environment identification.
SWF Properties
SWF version
32
Compression
zlib
Frame size
800.0x600.0 px
Frame count
1
Duration
0.033 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
1
Total SWF tags
13
ActionScript 3 Packages
flash.display
flash.events
flash.system
flash.utils
mx.core
SWF metadata
ExifTool file metadata
MIMEType
application/x-shockwave-flash

ImageSize
800x600

FileType
SWF

Megapixels
0.48

FrameRate
30

FlashVersion
32

FileTypeExtension
swf

Compressed
True

ImageWidth
800

Duration
0.03 s

FlashAttributes
UseNetwork, ActionScript3, HasMetadata

FrameCount
1

ImageHeight
600

File identification
MD5 a4d08a79bd43b312d45fb69f5f778906
SHA1 c3cd8278e4366860e000de16b748939d5d6e726d
SHA256 6b046933a8f9140e2ade1037c2160cd0b58d459f158e06817061e1c03b511e9f
ssdeep
192:2vGNqtspMsLr4YtrMM/oBRMNjs+YdQrx+3+Lt3ucBLq2fxYXWYW/a8RrpS6/BCq6:6oXMG4CrMFIHYmx7wq+GY+BpS6/qL6MN

File size 15.0 KB ( 15381 bytes )
File type Flash
Magic literal
Macromedia Flash data (compressed), version 32

TrID Macromedia Flash Player Compressed Movie (100.0%)
Tags
flash cve-2015-5122 zlib capabilities exploit cve-2015-8651

VirusTotal metadata
First submission 2017-07-13 01:32:46 UTC ( 5 months, 1 week ago )
Last submission 2017-07-17 10:38:39 UTC ( 5 months ago )
File names 188.225.76.222 Flash exploit.swf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!