× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 6e16ddfcf4c5f557f0f64ee8a4f16741e79dbe29acb43eccab87329116e88b9e
File name: wdioj124.swf
Detection ratio: 21 / 56
Analysis date: 2017-03-23 23:49:17 UTC ( 1 year, 12 months ago ) View latest
Antivirus Result Update
Ad-Aware Script.SWF.C305 20170323
ALYac Script.SWF.C305 20170323
Arcabit Script.SWF.C305 20170323
Avast SWF:CVE-2015-0311-I [Expl] 20170323
Avira (no cloud) EXP/CVE-2015-0311.K.Gen 20170323
BitDefender Script.SWF.C305 20170323
CAT-QuickHeal Exp.SWF.CVE-2015-5119.B 20170322
Cyren SWF/CVE150311 20170323
DrWeb Exploit.SWF.1191 20170324
Emsisoft Script.SWF.C305 (B) 20170323
ESET-NOD32 a variant of SWF/Exploit.Agent.KV 20170323
F-Secure Script.SWF.C305 20170323
GData Script.SWF.C305 20170323
Ikarus Trojan.SWF.Exploit 20170323
eScan Script.SWF.C305 20170323
Qihoo-360 swf.exp.msf.a 20170324
Sophos AV Troj/SWFExp-LL 20170323
Symantec Trojan.Swifi 20170322
TrendMicro EXPL_CVE20148439 20170323
ViRobot SWF.Z.CVE-2015-0311.20564[h] 20170323
Zillya Downloader.OpenConnection.JS.172380 20170323
AegisLab 20170323
AhnLab-V3 20170323
Alibaba 20170323
Antiy-AVL 20170323
AVG 20170323
AVware 20170323
Baidu 20170323
Bkav 20170323
ClamAV 20170323
CMC 20170317
Comodo 20170323
CrowdStrike Falcon (ML) 20170130
Endgame 20170317
F-Prot 20170324
Fortinet 20170323
Sophos ML 20170203
Jiangmin 20170323
K7AntiVirus 20170323
K7GW 20170323
Kaspersky 20170323
Kingsoft 20170324
Malwarebytes 20170323
McAfee 20170323
McAfee-GW-Edition 20170324
Microsoft 20170323
NANO-Antivirus 20170323
nProtect 20170323
Palo Alto Networks (Known Signatures) 20170324
Panda 20170323
Rising None
SentinelOne (Static ML) 20170315
SUPERAntiSpyware 20170323
Symantec Mobile Insight 20170324
Tencent 20170324
TheHacker 20170321
TrendMicro-HouseCall 20170323
Trustlook 20170324
VBA32 20170323
VIPRE 20170323
Webroot 20170324
WhiteArmor 20170315
Yandex 20170323
ZoneAlarm by Check Point 20170323
Zoner 20170323
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
Contains ActionScript code to request and retrieve content from Internet URLs.
The studied SWF file makes use of the loadBytes ActionScript3 functionality, commonly used to load other files and arbitrary code at runtime.
The studied SWF file performs environment identification.
The flash file uses methods of the ExternalInterface class to communicate with the external host of the Flash plugin, such as the web browser.
SWF Properties
SWF version
28
Compression
lzma
Frame size
500.0x375.0 px
Frame count
1
Duration
0.042 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
0
Total SWF tags
8
ActionScript 3 Packages
flash.display
flash.events
flash.external
flash.net
flash.system
flash.utils
mx.core
mx.events
mx.managers
mx.modules
mx.resources
mx.utils
SWF metadata
Suspicious strings
Execution parents
Compressed bundles
File identification
MD5 439fea2f3f9b7ef0a0fdc01fb97b99a9
SHA1 e924be3506736cc65faca229113e89d8959c9e80
SHA256 6e16ddfcf4c5f557f0f64ee8a4f16741e79dbe29acb43eccab87329116e88b9e
ssdeep
384:hVPcv0uboUXYb6MJ54d4bqL1NS5PmsThHuO5Q81jFFsu68MR9HX:hE0gE64bqL1NS5OZO5je8eN

File size 20.1 KB ( 20564 bytes )
File type Flash
Magic literal
data

TrID Unknown!
Tags
lzma cve-2015-5119 cve-2015-0311 cve-2015-3105 flash capabilities exploit ext-interface loadbytes

VirusTotal metadata
First submission 2015-06-30 14:52:17 UTC ( 3 years, 8 months ago )
Last submission 2018-12-08 20:47:44 UTC ( 3 months, 1 week ago )
File names jzqTdv.mht
msf.swf
msf.swf
Yweq.swf
test.swf
msf.swf
filA303C86753B3942E5D17CC24C8783851
.BC.T_a4yVDk
sadfgerqasdfvawreqfwewadf.swf
wdioj124.swf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!