× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: c3049b3592a5768d5af090805caeb628fd37990f1f98af8f1529434c0f0fe16c
File name: 0E2[1].swf
Detection ratio: 15 / 55
Analysis date: 2017-03-02 00:10:26 UTC ( 2 years ago ) View latest
Antivirus Result Update
Ad-Aware Script.SWF.C374 20170301
AegisLab Script.Swf.C374!c 20170301
ALYac Script.SWF.C374 20170301
Arcabit Script.SWF.C374 20170301
Avira (no cloud) EXP/CVE-2016-4117.D.Gen 20170302
BitDefender Script.SWF.C374 20170301
CAT-QuickHeal SWF.GenSusp.A 20170301
Emsisoft Script.SWF.C374 (B) 20170301
F-Secure Script.SWF.C374 20170301
GData Script.SWF.C374 20170301
McAfee-GW-Edition BehavesLike.Flash.XSS.mb 20170301
Microsoft Exploit:SWF/Broxwek.A 20170301
eScan Script.SWF.C374 20170302
Qihoo-360 swf.exp.shellcode.b 20170302
TrendMicro HEUR_SWFSC.B 20170302
AhnLab-V3 20170301
Alibaba 20170228
Antiy-AVL 20170301
Avast 20170301
AVG 20170302
AVware 20170301
Baidu 20170301
Bkav 20170301
ClamAV 20170301
CMC 20170301
Comodo 20170301
CrowdStrike Falcon (ML) 20170130
Cyren 20170301
DrWeb 20170301
Endgame 20170222
ESET-NOD32 20170302
F-Prot 20170301
Fortinet 20170301
Ikarus 20170301
Sophos ML 20170203
Jiangmin 20170301
K7AntiVirus 20170301
K7GW 20170301
Kaspersky 20170228
Kingsoft 20170302
Malwarebytes 20170302
McAfee 20170301
NANO-Antivirus 20170301
nProtect 20170301
Panda 20170301
Rising 20170301
Sophos AV 20170301
SUPERAntiSpyware 20170301
Symantec 20170301
Tencent 20170302
TheHacker 20170228
TrendMicro-HouseCall 20170302
Trustlook 20170302
VBA32 20170301
VIPRE 20170301
ViRobot 20170301
Webroot 20170302
WhiteArmor 20170222
Yandex 20170225
Zillya 20170301
Zoner 20170301
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
SWF Properties
SWF version
32
Frame size
600.0x440.0 px
Frame count
1
Duration
0.033 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
0
Total SWF tags
8
ActionScript 3 Packages
flash.display
flash.events
flash.net
flash.system
flash.utils
ExifTool file metadata
MIMEType
application/x-shockwave-flash

ImageSize
600x440

FileType
SWF

Megapixels
0.264

FrameRate
30

FlashVersion
32

FileTypeExtension
swf

Compressed
False

ImageWidth
600

Duration
0.03 s

FlashAttributes
UseNetwork, ActionScript3, HasMetadata

FrameCount
1

ImageHeight
440

PCAP parents
File identification
MD5 d16cf8b137a4f097567eb34d30f2fad2
SHA1 09acee32c23e10c49dcd686be32ed6eb1bd917d4
SHA256 c3049b3592a5768d5af090805caeb628fd37990f1f98af8f1529434c0f0fe16c
ssdeep
384:VXkCXTSTdiyPaq96BvSyHORn12P23dnirHswGmv/S6MZTrQaZ:ZkCXEVVYvhORn42gTAmvNMZok

File size 20.6 KB ( 21066 bytes )
File type Flash
Magic literal
Macromedia Flash data, version 32

TrID Macromedia Flash Player Movie (100.0%)
Tags
flash exploit cve-2016-4117

VirusTotal metadata
First submission 2017-03-01 22:32:10 UTC ( 2 years ago )
Last submission 2017-03-02 00:10:26 UTC ( 2 years ago )
File names FWS.swf
0E2[1].swf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!