× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8c13d272bc13044719364dfc26b7624fa32d218b4701991f45bf28974d5277a1
File name: output.22165710.txt
Detection ratio: 22 / 54
Analysis date: 2017-02-03 04:36:18 UTC ( 1 year, 4 months ago )
Antivirus Result Update
Ad-Aware Trojan.Html.Iframe.JB 20170203
AegisLab Troj.Html.Iframe!c 20170203
ALYac Trojan.Html.Iframe.JB 20170203
Arcabit Trojan.Html.Iframe.JB 20170203
Avast HTML:Iframe-UT [Trj] 20170203
AVG HTML/Framer 20170202
Avira (no cloud) HTML/Infected.WebPage.Gen2 20170202
BitDefender Trojan.Html.Iframe.JB 20170203
CAT-QuickHeal Exp.SWF.IFrame 20170202
Comodo UnclassifiedMalware 20170203
Emsisoft Trojan.Html.Iframe.JB (B) 20170203
F-Secure Trojan.Html.Iframe.JB 20170203
GData Trojan.Html.Iframe.JB 20170203
Ikarus HTML.FlashFrame 20170202
Microsoft Exploit:HTML/IframeRef.AA 20170203
eScan Trojan.Html.Iframe.JB 20170203
Qihoo-360 Win32/Trojan.5e1 20170203
Sophos AV Mal/Iframe-F 20170203
Symantec Trojan.Maliframe!html 20170202
Tencent Win32.Trojan.Iframe.Pdmf 20170203
TrendMicro HTML_IFRAME.AGV 20170203
TrendMicro-HouseCall HTML_IFRAME.AGV 20170203
AhnLab-V3 20170202
Alibaba 20170122
Antiy-AVL 20170203
AVware 20170203
Baidu 20170125
ClamAV 20170203
CMC 20170202
CrowdStrike Falcon (ML) 20170130
Cyren 20170202
DrWeb 20170203
ESET-NOD32 20170203
F-Prot 20170203
Fortinet 20170203
Sophos ML 20170111
Jiangmin 20170203
K7AntiVirus 20170203
K7GW 20170203
Kaspersky 20170203
Kingsoft 20170203
Malwarebytes 20170203
McAfee 20170203
McAfee-GW-Edition 20170203
NANO-Antivirus 20170202
nProtect 20170203
Panda 20170202
Rising 20170203
SUPERAntiSpyware 20170203
TheHacker 20170202
TotalDefense 20170202
Trustlook 20170203
VBA32 20170202
VIPRE 20170203
ViRobot 20170203
WhiteArmor 20170202
Yandex 20170203
Zillya 20170201
Zoner 20170203
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The flash file seems to embed javascript code. In combination with the ExternalInterface class usage, this code might be trying to modify the DOM of the parent URL embedding the file.
The flash file seems to be performing some sort of HTML iframe injection or makes use of iframes.
SWF Properties
SWF version
6
Frame size
3.75x3.9 px
Frame count
15715
Duration
137.851 seconds
Unrecognized SWF tags
200
Total SWF tags
208
Referenced URLs
ExifTool file metadata
MIMEType
application/x-shockwave-flash

ImageSize
0.25x1.25

FileType
SWF

Megapixels
0.0

FrameRate
114.44921875

FlashVersion
6

FileTypeExtension
swf

Compressed
False

ImageWidth
0.25

Duration
0:02:17

FrameCount
15715

ImageHeight
1.25

File identification
MD5 42d1b49ae191a66fa3e8139106d41f44
SHA1 567bfbf12786e04f61ef8fb67c57e0b6ae102b92
SHA256 8c13d272bc13044719364dfc26b7624fa32d218b4701991f45bf28974d5277a1
ssdeep
96:tAgt8sTX9U6586RXrtR6ENbXPMPz+HH8+HG80EN4NAPAnt49+VommmU9nCGQRa8:tAu7+o0Pz+l0EWAPA2XrXQRa8

File size 8.4 KB ( 8595 bytes )
File type Flash
Magic literal
Macromedia Flash data, version 6

TrID Macromedia Flash Player Movie (100.0%)
Tags
flash iframe

VirusTotal metadata
First submission 2011-09-25 20:23:48 UTC ( 6 years, 9 months ago )
Last submission 2016-05-07 06:16:29 UTC ( 2 years, 1 month ago )
File names aa
clF8zsGG.kwu
22165710
output.22165710.txt
vti-rescan
567bfbf12786e04f61ef8fb67c57e0b6ae102b92.bin
n6UuauOvm.vsd
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!