× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: bfe7eedce93601d5b1e04eab0a6ed5db1a38b4e6bb3cd211f05a968b6c2c8b24
File name: flash.swf
Detection ratio: 29 / 55
Analysis date: 2016-11-13 10:22:07 UTC ( 1 year, 11 months ago )
Antivirus Result Update
Ad-Aware Exploit.SWF.BH 20161113
AegisLab Exploit.SWF.Blacole.d!c 20161113
AhnLab-V3 SWF/Exploit 20161112
ALYac Exploit.SWF.BH 20161113
Antiy-AVL Trojan[Exploit]/SWF.Blacole.d 20161113
Arcabit Exploit.SWF.BH 20161113
Avast SWF:Dropper [Heur] 20161113
AVG SWF/Exploit.M 20161113
Avira (no cloud) EXP/FLASH.Pubenush.Gen 20161113
AVware LooksLike.SWF.Malware.b (v) 20161113
BitDefender Exploit.SWF.BH 20161113
CAT-QuickHeal SWF.Trojan.Q 20161112
Comodo UnclassifiedMalware 20161113
Emsisoft Exploit.SWF.BH (B) 20161113
ESET-NOD32 SWF/Exploit.Agent.EN 20161112
F-Secure Exploit:SWF/Defeater.J 20161113
GData Exploit.SWF.BH 20161113
Ikarus SWF.Dropper 20161113
Kaspersky Exploit.SWF.Blacole.d 20161113
McAfee-GW-Edition BehavesLike.Flash.Exploit.zg 20161113
Microsoft Exploit:SWF/Blacole.AV 20161113
eScan Exploit.SWF.BH 20161113
Qihoo-360 susp.swf.qexvmI.70 20161113
Sophos AV Troj/SWFExp-BE 20161113
Symantec Trojan.Swifi 20161113
Tencent Win32.Exploit.Blacole.bimk 20161113
TrendMicro SWF_MALGENT.NJ 20161113
VIPRE LooksLike.SWF.Malware.b (v) 20161113
Zillya Downloader.OpenConnection.JS.88455 20161111
Alibaba 20161110
Baidu 20161111
Bkav 20161112
ClamAV 20161113
CMC 20161113
CrowdStrike Falcon (ML) 20161024
Cyren 20161113
DrWeb 20161113
F-Prot 20161113
Fortinet 20161113
Sophos ML 20161018
Jiangmin 20161113
K7AntiVirus 20161113
K7GW 20161113
Kingsoft 20161113
Malwarebytes 20161113
McAfee 20161113
NANO-Antivirus 20161113
nProtect 20161113
Panda 20161112
Rising 20161113
SUPERAntiSpyware 20161112
TheHacker 20161111
TotalDefense 20161113
TrendMicro-HouseCall 20161113
VBA32 20161111
ViRobot 20161113
Yandex 20161112
Zoner 20161113
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
Contains ActionScript code to request and retrieve content from Internet URLs.
The studied SWF file performs environment identification.
The flash file uses methods of the ExternalInterface class to communicate with the external host of the Flash plugin, such as the web browser.
SWF Properties
SWF version
10
Compression
zlib
Frame size
550.0x400.0 px
Frame count
1
Duration
0.042 seconds
File attributes
ActionScript3
Unrecognized SWF tags
0
Total SWF tags
7
ActionScript 3 Packages
flash.display
flash.events
flash.external
flash.net
flash.system
flash.utils
Suspicious strings
ExifTool file metadata
MIMEType
application/x-shockwave-flash

ImageSize
550x400

FileType
SWF

Megapixels
0.22

FrameRate
24

FlashVersion
10

FileTypeExtension
swf

Compressed
True

ImageWidth
550

Duration
0.04 s

FlashAttributes
ActionScript3

FrameCount
1

ImageHeight
400

File identification
MD5 5b0a54f611677389607ea2a9e3b0ef10
SHA1 73d74b7a797688392551158560259f187f88ec63
SHA256 bfe7eedce93601d5b1e04eab0a6ed5db1a38b4e6bb3cd211f05a968b6c2c8b24
ssdeep
48:kmYgK0OxqhoAh7vBCWLcH2IBoGOy+HtUIZU9ag1wMQ337lNr7RUVRS7R8DUDWZPg:kmsx+PUoYjO/TC9B1/Qbl9/N0U6pxaz5

File size 2.8 KB ( 2850 bytes )
File type Flash
Magic literal
Macromedia Flash data (compressed), version 10

TrID Macromedia Flash Player Compressed Movie (100.0%)
Tags
flash zlib capabilities ext-interface

VirusTotal metadata
First submission 2012-11-10 13:00:53 UTC ( 5 years, 11 months ago )
Last submission 2013-06-28 03:42:14 UTC ( 5 years, 3 months ago )
File names output.5577682.txt
5b0a54f611677389607ea2a9e3b0ef10
E1f1_orr.sys
aa
837392ea480394f86bfa2c3534148fcc6737abf9
lUy7YEuob2.drv
f1.swf
flash.exp
flash.swf
1352740672.y.swf
file-4801406_swf
z.swf, y.swf
5577682
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!