× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7eebafaeace11b7bb43aed72e1d926fb83375e37785fdd6bbee20920dfe8164f
File name: 2015-12-03-Nuclear-EK-Flash-Exploit.swf
Detection ratio: 1 / 55
Analysis date: 2015-12-05 23:32:11 UTC ( 1 year, 4 months ago ) View latest
Antivirus Result Update
McAfee-GW-Edition BehavesLike.Flash.Exploit.cg 20151205
Ad-Aware 20151205
AegisLab 20151205
Yandex 20151205
AhnLab-V3 20151205
Alibaba 20151204
ALYac 20151204
Antiy-AVL 20151205
Arcabit 20151205
Avast 20151205
AVG 20151205
Avira (no cloud) 20151205
AVware 20151205
Baidu-International 20151205
BitDefender 20151206
Bkav 20151205
ByteHero 20151206
CAT-QuickHeal 20151205
ClamAV 20151204
CMC 20151201
Comodo 20151202
Cyren 20151206
DrWeb 20151206
Emsisoft 20151206
ESET-NOD32 20151205
F-Prot 20151206
F-Secure 20151205
Fortinet 20151204
GData 20151206
Ikarus 20151205
Jiangmin 20151205
K7AntiVirus 20151202
K7GW 20151202
Kaspersky 20151205
Malwarebytes 20151206
McAfee 20151206
Microsoft 20151205
eScan 20151206
NANO-Antivirus 20151205
nProtect 20151204
Panda 20151205
Qihoo-360 20151206
Rising 20151205
Sophos 20151205
SUPERAntiSpyware 20151205
Symantec 20151205
Tencent 20151206
TheHacker 20151205
TrendMicro 20151205
TrendMicro-HouseCall 20151205
VBA32 20151204
VIPRE 20151205
ViRobot 20151205
Zillya 20151205
Zoner 20151205
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
The studied SWF file performs environment identification.
SWF Properties
SWF version
14
Compression
zlib
Frame size
500.0x375.0 px
Frame count
1
Duration
0.042 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
1
Total SWF tags
10
ActionScript 3 Packages
flash.display
flash.events
flash.external
flash.system
flash.utils
SWF metadata
ExifTool file metadata
MIMEType
application/x-shockwave-flash

Publisher
unknown

Megapixels
0.188

Description
http://www.adobe.com/products/flex

Language
EN

Format
application/x-shockwave-flash

FlashAttributes
UseNetwork, ActionScript3, HasMetadata

Title
Adobe Flex 4 Application

FrameRate
24

FlashVersion
14

Duration
0.04 s

Creator
unknown

FileTypeExtension
swf

Compressed
True

ImageWidth
500

Date
Dec 3, 2015

ImageHeight
375

Warning
[minor] Fixed incorrect URI for xmlns:dc

FileType
SWF

FrameCount
1

ImageSize
500x375

PCAP parents
File identification
MD5 15f6f1235bbb8fda153872d500e9cf7b
SHA1 4fb04e2127312c87d74bc3d9a3fbf94e84f803f1
SHA256 7eebafaeace11b7bb43aed72e1d926fb83375e37785fdd6bbee20920dfe8164f
ssdeep
1536:eGiolJmfyEmClXqENCLTmQx3zqgxdteF8CUu+26T/YlaahQdbvvkEjW+0:eGi4JmZmClaENCUQXu5A/0h9iWP

File size 80.8 KB ( 82704 bytes )
File type Flash
Magic literal
Macromedia Flash data (compressed), version 14

TrID Macromedia Flash Player Compressed Movie (100.0%)
Tags
flash exploit zlib cve-2015-0311 capabilities

VirusTotal metadata
First submission 2015-12-05 23:32:11 UTC ( 1 year, 4 months ago )
Last submission 2016-02-18 21:51:49 UTC ( 1 year, 2 months ago )
File names 2015-12-03-Nuclear-EK-flash-exploit.swf
2015-12-03-Nuclear-EK-Flash-Exploit.swf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!