× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 85c5f5a81f6701d597ada200dfd8338078752dc165f97efc094edf4874327c76
File name: RIG EK Flash Exploit.swf
Detection ratio: 13 / 59
Analysis date: 2018-03-11 19:26:18 UTC ( 9 months, 1 week ago ) View latest
Antivirus Result Update
AhnLab-V3 SWF/RigEK.Gen 20180311
Antiy-AVL Trojan[Exploit]/SWF.SWF.Generic 20180311
Avira (no cloud) EXP/FLASH.Pubenush.AC.Gen 20180311
CAT-QuickHeal Exp.SWF.Rig.EK.4476 20180311
DrWeb Exploit.SWF.1232 20180311
ESET-NOD32 a variant of SWF/Exploit.ExKit.AJN 20180311
Kaspersky HEUR:Exploit.SWF.Agent.gen 20180311
Qihoo-360 swf.cve-2015-8651.rig.a 20180311
Rising Exploit.CVE-2015-8651!1.A595 (CLASSIC) 20180311
Symantec Trojan.Swifi 20180310
Tencent Win32.Exploit.Generic.Pdwp 20180311
TrendMicro HEUR_SWFDEC.SC2 20180311
ZoneAlarm by Check Point HEUR:Exploit.SWF.Generic 20180311
Ad-Aware 20180311
AegisLab 20180311
Alibaba 20180311
ALYac 20180311
Arcabit 20180311
Avast 20180311
Avast-Mobile 20180311
AVG 20180311
AVware 20180311
Baidu 20180309
BitDefender 20180311
Bkav 20180310
ClamAV 20180311
CMC 20180311
Comodo 20180311
CrowdStrike Falcon (ML) 20170201
Cybereason None
Cylance 20180311
Cyren 20180311
eGambit 20180311
Emsisoft 20180311
Endgame 20180308
F-Prot 20180311
F-Secure 20180311
Fortinet 20180311
GData 20180311
Ikarus 20180311
Sophos ML 20180121
Jiangmin 20180311
K7AntiVirus 20180311
K7GW 20180311
Kingsoft 20180311
Malwarebytes 20180311
MAX 20180311
McAfee 20180311
McAfee-GW-Edition 20180311
Microsoft 20180311
eScan 20180311
NANO-Antivirus 20180311
nProtect 20180311
Palo Alto Networks (Known Signatures) 20180311
Panda 20180311
SentinelOne (Static ML) 20180225
Sophos AV 20180311
SUPERAntiSpyware 20180311
Symantec Mobile Insight 20180306
TheHacker 20180307
TrendMicro-HouseCall 20180311
Trustlook 20180311
VBA32 20180307
VIPRE 20180311
ViRobot 20180311
Webroot 20180311
WhiteArmor 20180223
Yandex 20180308
Zillya 20180309
Zoner 20180311
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
The studied SWF file performs environment identification.
SWF Properties
SWF version
32
Compression
zlib
Frame size
800.0x600.0 px
Frame count
1
Duration
0.033 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
1
Total SWF tags
14
ActionScript 3 Packages
flash.display
flash.events
flash.system
flash.utils
mx.core
SWF metadata
ExifTool file metadata
MIMEType
application/x-shockwave-flash

ImageSize
800x600

FileType
SWF

Megapixels
0.48

FrameRate
30

FlashVersion
32

FileTypeExtension
swf

Compressed
True

ImageWidth
800

Duration
0.03 s

FlashAttributes
UseNetwork, ActionScript3, HasMetadata

FrameCount
1

ImageHeight
600

File identification
MD5 4e2f7b6b8a3fa3c406dc95c357ad32ea
SHA1 ecfdd2c97e9ab9b8ed2328bd61d60174dc9fa1e7
SHA256 85c5f5a81f6701d597ada200dfd8338078752dc165f97efc094edf4874327c76
ssdeep
384:URXVHkcnki/s8LWWSxZdfIwjUjpFKRr97FaOpdG:EXVkIBCZt4juh/aV

File size 15.6 KB ( 15956 bytes )
File type Flash
Magic literal
Macromedia Flash data (compressed), version 32

TrID Macromedia Flash Player Compressed Movie (100.0%)
Tags
flash zlib exploit cve-2015-8651 capabilities

VirusTotal metadata
First submission 2018-03-11 19:26:18 UTC ( 9 months, 1 week ago )
Last submission 2018-03-19 11:43:49 UTC ( 9 months ago )
File names RIG EK Flash Exploit.swf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!