× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: cc1002a14db7ccf59b7320b49a5dfc0995a6ad6895bfaab4de1a296756020fe6
File name: RigEK Flash Exploit.swf
Detection ratio: 3 / 55
Analysis date: 2016-09-20 23:48:56 UTC ( 1 year, 10 months ago ) View latest
Antivirus Result Update
CAT-QuickHeal SWF.GenSusp.A 20160920
McAfee-GW-Edition BehavesLike.Flash.XSS.mb 20160920
Tencent Win32.Exploit.Agent.Eckm 20160921
Ad-Aware 20160921
AegisLab 20160920
AhnLab-V3 20160920
Alibaba 20160920
ALYac 20160921
Antiy-AVL 20160921
Arcabit 20160920
Avast 20160921
AVG 20160920
Avira (no cloud) 20160920
AVware 20160920
Baidu 20160920
BitDefender 20160920
Bkav 20160920
ClamAV 20160920
CMC 20160916
Comodo 20160920
Cyren 20160920
DrWeb 20160920
Emsisoft 20160920
ESET-NOD32 20160920
F-Prot 20160920
F-Secure 20160920
Fortinet 20160920
GData 20160920
Ikarus 20160920
Jiangmin 20160920
K7AntiVirus 20160920
K7GW 20160920
Kaspersky 20160920
Kingsoft 20160921
Malwarebytes 20160920
McAfee 20160920
Microsoft 20160920
eScan 20160920
NANO-Antivirus 20160920
nProtect 20160920
Panda 20160920
Qihoo-360 20160921
Rising 20160920
Sophos AV 20160920
SUPERAntiSpyware 20160920
Symantec 20160920
TheHacker 20160920
TrendMicro 20160920
TrendMicro-HouseCall 20160920
VBA32 20160920
VIPRE 20160920
ViRobot 20160920
Yandex 20160920
Zillya 20160920
Zoner 20160920
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
SWF Properties
SWF version
28
Compression
zlib
Frame size
709.0x124.0 px
Frame count
1
Duration
0.040 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
0
Total SWF tags
8
ActionScript 3 Packages
flash.display
flash.events
flash.net
flash.system
flash.utils
ExifTool file metadata
MIMEType
application/x-shockwave-flash

ImageSize
709x124

FileType
SWF

Megapixels
0.088

FrameRate
25

FlashVersion
28

FileTypeExtension
swf

Compressed
True

ImageWidth
709

Duration
0.04 s

FlashAttributes
UseNetwork, ActionScript3, HasMetadata

FrameCount
1

ImageHeight
124

File identification
MD5 85d8272cd346e36591c89cb493a17e1d
SHA1 c83a0edfa36a70de023f5a4bc106e90338532b21
SHA256 cc1002a14db7ccf59b7320b49a5dfc0995a6ad6895bfaab4de1a296756020fe6
ssdeep
384:WWsY5C0OLeyM0t/DXKjcTFUFPOa3SWUlIvLW4dNB1Oyp36ZA4ixquQnziK2s/5du:FyodgimJWUlOLXJ1OyNPDhQzFj3u

File size 25.3 KB ( 25890 bytes )
File type Flash
Magic literal
Macromedia Flash data (compressed), version 28

TrID Macromedia Flash Player Compressed Movie (100.0%)
Tags
flash zlib

VirusTotal metadata
First submission 2016-09-20 21:14:10 UTC ( 1 year, 10 months ago )
Last submission 2016-09-24 17:45:56 UTC ( 1 year, 9 months ago )
File names 85d8272cd346e36591c89cb493a17e1d.swf
RigEK Flash Exploit.swf
FLASH.BIN
295Flash
RIG_Exploit.swf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!