SHA256: ac1f66aeef43044139d5a50dbc1b06b8c0603edcbe9f9f7ec616ce4686d5e40c
File name: new.cloudarchieve.com RIG EK Flash exploit.swf
Detection ratio: 17 / 56
Analysis date: 2017-05-17 19:03:28 UTC ( 1 year, 2 months ago )
Antivirus Result Update
AegisLab Exp.Flash.Pubenush.Aa!c 20170517
AhnLab-V3 SWF/RigEK.Gen 20170517
Antiy-AVL Trojan[Exploit]/SWF.SWF.Generic 20170517
Avast SWF:GirDrop [Drp] 20170517
Avira (no cloud) EXP/FLASH.Pubenush.AA.Gen 20170517
CAT-QuickHeal Exp.SWF.Rig.EK.1886 20170517
DrWeb Exploit.SWF.1221 20170517
ESET-NOD32 a variant of SWF/Exploit.ExKit.AGL 20170517
GData SWF.Trojan.Agent.2DWNTS 20170517
McAfee Exploit-swf.bx 20170517
McAfee-GW-Edition BehavesLike.Flash.Exploit.mg 20170517
Qihoo-360 swf.cve-2015-8651.rig.a 20170517
Rising Exploit.CVE-2015-8651!1.A595 (classic) 20170517
Symantec Trojan.Gen.8!cloud 20170517
TrendMicro HEUR_SWFDEC.DL 20170517
TrendMicro-HouseCall Suspicious_GEN.F47V0517 20170517
ZoneAlarm by Check Point HEUR:Exploit.SWF.Generic 20170517
Ad-Aware 20170517
Alibaba 20170517
ALYac 20170517
Arcabit 20170517
AVG 20170517
AVware 20170517
Baidu 20170503
BitDefender 20170517
Bkav 20170517
ClamAV 20170517
CMC 20170517
Comodo 20170517
CrowdStrike Falcon (ML) 20170130
Cyren 20170517
Emsisoft 20170517
Endgame 20170515
F-Prot 20170517
F-Secure 20170517
Fortinet 20170517
Ikarus 20170517
Sophos ML 20170516
Jiangmin 20170517
K7AntiVirus 20170517
K7GW 20170517
Kaspersky 20170517
Kingsoft 20170517
Malwarebytes 20170517
Microsoft 20170517
eScan 20170517
NANO-Antivirus 20170517
nProtect 20170517
Palo Alto Networks (Known Signatures) 20170517
Panda 20170517
SentinelOne (Static ML) 20170516
Sophos AV 20170517
SUPERAntiSpyware 20170517
Symantec Mobile Insight 20170517
Tencent 20170517
TheHacker 20170516
Trustlook 20170517
VBA32 20170517
VIPRE 20170517
ViRobot 20170517
Webroot 20170517
WhiteArmor 20170517
Yandex 20170517
Zillya 20170517
Zoner 20170517
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3. Some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate Flash files may also use it to implement rich content and animations.
The studied SWF file performs environment identification.
SWF Properties
SWF version: 33
Compression: zlib
Frame size: 710.0x120.0 px
Frame count: 1
Duration: 0.040 seconds
File attributes: HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags: 1
Total SWF tags: 13
ActionScript 3 Packages
flash.display
flash.events
flash.system
flash.utils
mx.core
SWF metadata
ExifTool file metadata
MIMEType: application/x-shockwave-flash
ImageSize: 710x120
FileType: SWF
Megapixels: 0.085
FrameRate: 25
FlashVersion: 33
FileTypeExtension: swf
Compressed: True
ImageWidth: 710
Duration: 0.04 s
FlashAttributes: UseNetwork, ActionScript3, HasMetadata
FrameCount: 1
ImageHeight: 120

PCAP parents
File identification
MD5 28190c9fad3b378eafb3c813a640f367
SHA1 2b10825aaef84f3ab38f623dc6f3ad93096a973c
SHA256 ac1f66aeef43044139d5a50dbc1b06b8c0603edcbe9f9f7ec616ce4686d5e40c
ssdeep 384:ffp5rNrVLheckZGgdbImgMoynRjSQ6YjNZeW:HptNZAcANdbImgMXnRjSQ6YjB
File size 12.8 KB ( 13066 bytes )
File type Flash
Magic literal Macromedia Flash data (compressed), version 33
TrID Macromedia Flash Player Compressed Movie (100.0%)
Tags flash zlib exploit cve-2015-8651 capabilities

VirusTotal metadata
First submission 2017-05-17 03:30:14 UTC ( 1 year, 2 months ago )
Last submission 2018-05-19 01:01:11 UTC ( 2 months ago )
File names post.divakarshenoy.com RIG EK Flash exploit.swf
new.cloudarchieve.com RIG EK Flash exploit.swf
