× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8d0b65807a5b85f790047ecbdb62b267f823570cbecb763f89927e2534f978df
File name: 2015-04-13-Nuclear-EK-Flash-Exploit.swf
Detection ratio: 0 / 57
Analysis date: 2015-04-16 16:19:35 UTC ( 2 years ago )
Antivirus Result Update
Ad-Aware 20150416
AegisLab 20150416
Yandex 20150416
AhnLab-V3 20150416
Alibaba 20150416
ALYac 20150416
Antiy-AVL 20150416
Avast 20150416
AVG 20150416
Avira (no cloud) 20150416
AVware 20150416
Baidu-International 20150416
BitDefender 20150416
Bkav 20150415
ByteHero 20150416
CAT-QuickHeal 20150416
ClamAV 20150415
CMC 20150416
Comodo 20150416
Cyren 20150416
DrWeb 20150416
Emsisoft 20150416
ESET-NOD32 20150416
F-Prot 20150416
F-Secure 20150416
Fortinet 20150416
GData 20150416
Ikarus 20150416
Jiangmin 20150414
K7AntiVirus 20150416
K7GW 20150416
Kaspersky 20150416
Kingsoft 20150416
Malwarebytes 20150416
McAfee 20150416
McAfee-GW-Edition 20150416
Microsoft 20150416
eScan 20150416
NANO-Antivirus 20150416
Norman 20150416
nProtect 20150416
Panda 20150416
Qihoo-360 20150416
Rising 20150416
Sophos 20150416
SUPERAntiSpyware 20150416
Symantec 20150416
Tencent 20150416
TheHacker 20150415
TotalDefense 20150416
TrendMicro 20150416
TrendMicro-HouseCall 20150416
VBA32 20150416
VIPRE 20150416
ViRobot 20150416
Zillya 20150416
Zoner 20150416
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
The studied SWF file makes use of the loadBytes ActionScript3 functionality, commonly used to load other files and arbitrary code at runtime.
SWF Properties
SWF version
28
Compression
lzma
Frame size
500.0x375.0 px
Frame count
1
Duration
0.042 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
0
Total SWF tags
9
ActionScript 3 Packages
flash.display
flash.events
flash.external
flash.system
flash.utils
SWF metadata
PCAP parents
File identification
MD5 e24c8511966624259991dac0041a7ec1
SHA1 34729484e6cce3d8b4a05614d024570d1e346888
SHA256 8d0b65807a5b85f790047ecbdb62b267f823570cbecb763f89927e2534f978df
ssdeep
384:dHNVJZAZ3t0VICC17bqGeYqMcIZOpT2Mn9e5fArWVzPTJdVfcw5BPGvUr2QLqeiD:/LM3LnqGe7McIZO92mIfASNPfcg6UHLu

File size 19.7 KB ( 20182 bytes )
File type Flash
Magic literal
data

TrID Unknown!
Tags
lzma flash loadbytes

VirusTotal metadata
First submission 2015-04-13 02:20:33 UTC ( 2 years ago )
Last submission 2015-04-16 16:19:35 UTC ( 2 years ago )
File names 2015-04-13-Nuclear-EK-Flash-Exploit.swf
2015-04-11-Nuclear-EK-flash-exploit.swf
mybackup.zws
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!