× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8199461e5e9e32bb7b7c8d31f31b7ccb5c53a3c96091266a16086d41f404bfb3
File name: 8199461E5E9E32BB7B7C8D31F31B7CCB5C53A3C96091266A16086D41F404BFB3.dat
Detection ratio: 3 / 44
Analysis date: 2011-09-08 10:15:57 UTC ( 3 years, 8 months ago ) View latest
Antivirus Result Update
AhnLab-V3 SWF/Exploit 20110908
Avast5 SWF:Dropper [Heur] 20110908
ViRobot SWF.S.Exploit.12093 20110908
AVG 20110907
AntiVir 20110908
Antiy-AVL 20110908
Avast 20110908
BitDefender 20110908
ByteHero 20110901
CAT-QuickHeal 20110908
ClamAV 20110908
Commtouch 20110908
Comodo 20110908
DrWeb 20110908
Emsisoft 20110908
F-Prot 20110907
F-Secure 20110908
Fortinet 20110908
GData 20110908
Ikarus 20110908
Jiangmin 20110907
K7AntiVirus 20110907
Kaspersky 20110908
McAfee 20110908
McAfee-GW-Edition 20110908
Microsoft 20110908
NOD32 20110908
Norman 20110908
PCTools 20110908
Panda 20110907
Prevx 20110908
Rising 20110907
SUPERAntiSpyware 20110908
Sophos 20110908
Symantec 20110908
TheHacker 20110908
TrendMicro 20110906
TrendMicro-HouseCall 20110908
VBA32 20110907
VIPRE 20110908
VirusBuster 20110907
eSafe 20110907
eTrust-Vet 20110908
nProtect 20110908
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
The studied SWF file makes use of the loadBytes ActionScript3 functionality, commonly used to load other files and arbitrary code at runtime.
SWF Properties
SWF version
11
Compression
zlib
Frame size
500.0x375.0 px
Frame count
1
Duration
0.042 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
0
Total SWF tags
8
ActionScript 3 Packages
flash.display
flash.events
flash.net
flash.system
flash.utils
SWF metadata
ExifTool file metadata
MIMEType
application/x-shockwave-flash

ImageSize
500x375

FileType
SWF

Megapixels
0.188

FrameRate
24

FlashVersion
11

ImageHeight
375

ImageWidth
500

Duration
0.04 s

Compressed
True

FrameCount
1

FileAttributes
UseNetwork, ActionScript3, HasMetadata

File identification
MD5 bc28381f52d8792a73666df1a55e4a86
SHA1 787ff3b745771bc22d52072e8f6aabf63d0acff6
SHA256 8199461e5e9e32bb7b7c8d31f31b7ccb5c53a3c96091266a16086d41f404bfb3
ssdeep
192:gVE/FevR9LDOvuTAF+iz/KhwyX/MJy7loJDisRtlvO2duFlGkFWu38Q:gHp9LDY+ibULX7loJDxlbuvGy8Q

File size 11.8 KB ( 12093 bytes )
File type Flash
Magic literal
Macromedia Flash data (compressed), version 11

TrID Macromedia Flash Player Compressed Movie (100.0%)
Tags
flash zlib exploit cve-2011-0611 loadbytes

VirusTotal metadata
First submission 2011-09-04 07:15:53 UTC ( 3 years, 9 months ago )
Last submission 2015-04-01 12:49:09 UTC ( 2 months ago )
File names top.swf
aaaaa.^^^
1.1xx
cc_old.swf
8199461E5E9E32BB7B7C8D31F31B7CCB5C53A3C96091266A16086D41F404BFB3.dat
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!