× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7ac7b38238e48c457d96c0b6b5bab530d0cb931aed35e6dc33a96a5ebcc9cafb
File name: kTjAhKzI.swf
Detection ratio: 3 / 57
Analysis date: 2015-05-25 18:26:06 UTC ( 3 years, 10 months ago ) View latest
Antivirus Result Update
Microsoft VirTool:SWF/Obfuscator.F 20150525
Symantec Trojan.Swifi 20150525
TrendMicro-HouseCall Suspicious_GEN.F47V0507 20150525
Ad-Aware 20150525
AegisLab 20150525
Yandex 20150524
AhnLab-V3 20150525
Alibaba 20150525
ALYac 20150525
Antiy-AVL 20150525
Avast 20150525
AVG 20150525
Avira (no cloud) 20150525
AVware 20150525
Baidu-International 20150525
BitDefender 20150525
Bkav 20150523
ByteHero 20150525
CAT-QuickHeal 20150523
ClamAV 20150525
CMC 20150525
Comodo 20150525
Cyren 20150525
DrWeb 20150525
Emsisoft 20150525
ESET-NOD32 20150525
F-Prot 20150525
F-Secure 20150525
Fortinet 20150525
GData 20150525
Ikarus 20150525
Jiangmin 20150522
K7AntiVirus 20150525
K7GW 20150525
Kaspersky 20150525
Kingsoft 20150525
Malwarebytes 20150525
McAfee 20150525
McAfee-GW-Edition 20150525
eScan 20150525
NANO-Antivirus 20150525
Norman 20150525
nProtect 20150522
Panda 20150525
Qihoo-360 20150525
Rising 20150525
Sophos AV 20150525
SUPERAntiSpyware 20150523
Tencent 20150525
TheHacker 20150521
TotalDefense 20150525
TrendMicro 20150525
VBA32 20150523
VIPRE 20150525
ViRobot 20150525
Zillya 20150525
Zoner 20150521
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
Contains ActionScript code to request and retrieve content from Internet URLs.
The studied SWF file makes use of the loadBytes ActionScript3 functionality, commonly used to load other files and arbitrary code at runtime.
The studied SWF file performs environment identification.
SWF Properties
SWF version
27
Compression
lzma
Frame size
500.0x375.0 px
Frame count
1
Duration
0.042 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
0
Total SWF tags
8
ActionScript 3 Packages
flash.display
flash.events
flash.net
flash.system
flash.utils
mx.core
mx.events
mx.managers
mx.modules
mx.resources
mx.utils
SWF metadata
File identification
MD5 3c6e819495919a3612d42f0d8e9afdd4
SHA1 34bb57f7b50a8951a53d1e4b07ad6d6afa772786
SHA256 7ac7b38238e48c457d96c0b6b5bab530d0cb931aed35e6dc33a96a5ebcc9cafb
ssdeep
384:yFxLr3acqi84OLd8G6Y+YginHWe6kGhBzOZUWlxjhJ:SxiL94OLdlu60kGCuWTr

File size 17.5 KB ( 17912 bytes )
File type Flash
Magic literal
data

TrID Unknown!
Tags
lzma flash cve-2014-1776 capabilities exploit cve-2014-8439 cve-2015-0311 loadbytes

VirusTotal metadata
First submission 2015-04-28 20:39:18 UTC ( 3 years, 10 months ago )
Last submission 2017-08-24 08:02:46 UTC ( 1 year, 6 months ago )
File names kTjAhKzI.swf.octet-stream
output.67244025.txt
7ac7b38238e48c457d96c0b6b5bab530d0cb931aed35e6dc33a96a5ebcc9cafb.swf
VirusShare_3c6e819495919a3612d42f0d8e9afdd4
kTjAhKzI.swf
n8JfqMeOTE.vbs
kTjAhKzIR.swf
67244025
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!