× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 806ab2c5b089bd3db019bc98ce00b28a57a936e06b3ad81104453b7aab2be43a
File name: class_10_zws.swf
Detection ratio: 3 / 54
Analysis date: 2015-12-24 10:24:46 UTC ( 1 year, 9 months ago ) View latest
Antivirus Result Update
Avast SWF:Agent-EZ [Expl] 20151223
CAT-QuickHeal Exp.SWF.CVE-2015-5122.B 20151224
Kaspersky HEUR:Exploit.SWF.Agent.gen 20151224
Ad-Aware 20151224
AegisLab 20151224
Yandex 20151224
AhnLab-V3 20151223
Alibaba 20151208
ALYac 20151224
Antiy-AVL 20151224
Arcabit 20151224
AVG 20151224
Avira (no cloud) 20151224
AVware 20151224
Baidu-International 20151224
BitDefender 20151224
Bkav 20151223
ByteHero 20151224
ClamAV 20151224
CMC 20151217
Comodo 20151224
Cyren 20151224
DrWeb 20151224
Emsisoft 20151224
ESET-NOD32 20151224
F-Prot 20151224
F-Secure 20151224
Fortinet 20151224
GData 20151224
Ikarus 20151224
Jiangmin 20151224
K7AntiVirus 20151224
K7GW 20151224
Malwarebytes 20151224
McAfee 20151224
McAfee-GW-Edition 20151224
Microsoft 20151224
eScan 20151224
NANO-Antivirus 20151224
nProtect 20151224
Panda 20151224
Rising 20151224
Sophos AV 20151224
SUPERAntiSpyware 20151224
Symantec 20151223
Tencent 20151224
TheHacker 20151223
TrendMicro 20151224
TrendMicro-HouseCall 20151224
VBA32 20151223
VIPRE 20151219
ViRobot 20151224
Zillya 20151223
Zoner 20151224
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
The studied SWF file makes use of the loadBytes ActionScript3 functionality, commonly used to load other files and arbitrary code at runtime.
The studied SWF file performs environment identification.
SWF Properties
SWF version
18
Compression
lzma
Frame size
500.0x375.0 px
Frame count
1
Duration
0.042 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
0
Total SWF tags
10
ActionScript 3 Packages
flash.display
flash.events
flash.net
flash.system
flash.utils
SWF metadata
Suspicious strings
File identification
MD5 4fc2d57dd2b96eca1d3e24441fc3c401
SHA1 3c0b6cf1d75aca0e339efecb700a3458aa27017e
SHA256 806ab2c5b089bd3db019bc98ce00b28a57a936e06b3ad81104453b7aab2be43a
ssdeep
192:CEObaaoJjcWNKLxr4ywD1DAbcBa67MTot31SQInJ4oKAgGTkT7SXGlZdv:w2JoTLhedj7MTddJ4k1TkvSXG5

File size 10.5 KB ( 10733 bytes )
File type Flash
Magic literal
data

TrID Unknown!
Tags
lzma cve-2015-5122 flash capabilities exploit loadbytes

VirusTotal metadata
First submission 2015-12-24 10:24:46 UTC ( 1 year, 9 months ago )
Last submission 2016-04-03 04:10:41 UTC ( 1 year, 6 months ago )
File names 9b4ee00736d4f3fe1af136750f392735-2021573579.swf
class_10_zws.swf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!