× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: baddcc2a29b4efebbabf840f33aa21b90c376f9a80159ff85569377507b1ce16
File name: 2015-07-12-Nuclear-EK-Flash-Exploit.swf
Detection ratio: 2 / 55
Analysis date: 2015-07-12 17:00:01 UTC ( 2 years ago ) View latest
Antivirus Result Update
Avira (no cloud) EXP/FLASH.Straconn.A.Gen 20150712
McAfee-GW-Edition BehavesLike.Flash.Exploit.mb 20150712
Ad-Aware 20150712
AegisLab 20150712
Yandex 20150711
AhnLab-V3 20150712
Alibaba 20150710
ALYac 20150712
Antiy-AVL 20150712
Arcabit 20150712
Avast 20150712
AVG 20150712
AVware 20150712
Baidu-International 20150712
BitDefender 20150712
Bkav 20150708
ByteHero 20150712
CAT-QuickHeal 20150712
ClamAV 20150712
Comodo 20150712
Cyren 20150712
DrWeb 20150712
Emsisoft 20150712
ESET-NOD32 20150712
F-Prot 20150712
F-Secure 20150711
Fortinet 20150712
GData 20150712
Ikarus 20150712
Jiangmin 20150710
K7AntiVirus 20150712
K7GW 20150712
Kaspersky 20150712
Kingsoft 20150712
Malwarebytes 20150712
McAfee 20150712
Microsoft 20150712
eScan 20150712
NANO-Antivirus 20150712
nProtect 20150710
Panda 20150712
Qihoo-360 20150712
Rising 20150712
Sophos AV 20150712
SUPERAntiSpyware 20150712
Symantec 20150712
Tencent 20150712
TheHacker 20150712
TrendMicro 20150712
TrendMicro-HouseCall 20150712
VBA32 20150711
VIPRE 20150712
ViRobot 20150712
Zillya 20150712
Zoner 20150712
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
SWF Properties
SWF version
14
Compression
zlib
Frame size
500.0x375.0 px
Frame count
1
Duration
0.042 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
1
Total SWF tags
18
ActionScript 3 Packages
flash.display
flash.events
flash.external
flash.system
flash.utils
mx.core
SWF metadata
ExifTool file metadata
MIMEType
application/x-shockwave-flash

Publisher
unknown

Megapixels
0.188

Description
http://www.adobe.com/products/flex

Language
EN

Format
application/x-shockwave-flash

FlashAttributes
UseNetwork, ActionScript3, HasMetadata

Title
Adobe Flex 4 Application

FrameRate
24

FlashVersion
14

Duration
0.04 s

Creator
unknown

FileTypeExtension
swf

Compressed
True

ImageWidth
500

Date
Jul 12, 2015

ImageHeight
375

Warning
[minor] Fixed incorrect URI for xmlns:dc

FileType
SWF

FrameCount
1

ImageSize
500x375

PCAP parents
File identification
MD5 55bc1335ea005114b9c14e836fba2ac6
SHA1 7f9b8746a4e79d5412158ed87df8b409f6888575
SHA256 baddcc2a29b4efebbabf840f33aa21b90c376f9a80159ff85569377507b1ce16
ssdeep
768:QBCBtYci/pcsf6PhWvvXwPZ03bDklykJQ7GdJFT:0CfFCfQhuASbBkJQwJl

File size 25.1 KB ( 25704 bytes )
File type Flash
Magic literal
Macromedia Flash data (compressed), version 14

TrID Macromedia Flash Player Compressed Movie (100.0%)
Tags
flash exploit zlib cve-2015-5119

VirusTotal metadata
First submission 2015-07-12 17:00:01 UTC ( 2 years ago )
Last submission 2015-11-30 19:05:15 UTC ( 1 year, 7 months ago )
File names 2015-07-12-Nuclear-EK-Flash-Exploit.swf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!