× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e4c4fabbb62effead9ca17ec0bcd1ccfab5a328a0d008f2b14c7c1a129e6be6e
File name: e2fe34c58765b4f6e41e4b096203d04a
Detection ratio: 34 / 55
Analysis date: 2014-09-25 08:28:44 UTC ( 8 months ago )
Antivirus Result Update
AVG SWF/Exploit.AR 20140925
AVware Trojan.SWF.Generic (v) 20140925
Ad-Aware Script.SWF.Cxx 20140925
AhnLab-V3 SWF/Cve-2013-3163 20140924
Avast SWF:Agent-CO [Expl] 20140925
Avira EXP/CVE-2013-3163 20140925
BitDefender Script.SWF.Cxx 20140925
CAT-QuickHeal SWF.Suspicious.Gen 20140925
ClamAV Win.Exploit.CVE_2013_3163-2 20140925
Comodo UnclassifiedMalware 20140925
ESET-NOD32 SWF/Exploit.CVE-2013-3163.A 20140925
Emsisoft Script.SWF.Cxx (B) 20140925
F-Secure Script.SWF.Cxx 20140925
Fortinet SWF/Exp.BX!exploit 20140925
GData Script.SWF.Cxx 20140925
Ikarus Exploit.SWF 20140925
K7AntiVirus Trojan ( 0001140e1 ) 20140924
K7GW Trojan ( 0001140e1 ) 20140924
Kaspersky Exploit.SWF.CVE-2013-3163.c 20140925
McAfee Exploit-CVE2013-3163 20140925
McAfee-GW-Edition BehavesLike.Flash.Exploit.ll 20140924
MicroWorld-eScan Script.SWF.Cxx 20140925
Microsoft Exploit:SWF/CVE-2013-3163 20140925
Norman CVE_2013_3163.B 20140925
Panda Exploit/CVE-2013-3163 20140924
Qihoo-360 Trojan.Generic 20140925
Sophos Troj/SWFExp-BX 20140925
Symantec Downloader.Swif 20140925
Tencent Win32.Exploit.Cve-2013-3163.Also 20140925
TrendMicro SWF_EXPLYT.DSB 20140925
TrendMicro-HouseCall SWF_EXPLYT.DSB 20140925
VIPRE Trojan.SWF.Generic (v) 20140925
ViRobot SWF.S.CVE-2013-3163.5820 20140925
nProtect Script.SWF.Cxx 20140924
AegisLab 20140925
Agnitum 20140924
Antiy-AVL 20140925
Baidu-International 20140925
Bkav 20140923
ByteHero 20140925
CMC 20140924
Cyren 20140925
DrWeb 20140925
F-Prot 20140925
Jiangmin 20140924
Kingsoft 20140925
Malwarebytes 20140925
NANO-Antivirus 20140925
Rising 20140924
SUPERAntiSpyware 20140925
TheHacker 20140924
TotalDefense 20140924
VBA32 20140924
Zillya 20140925
Zoner 20140919
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
The flash file uses methods of the ExternalInterface class to communicate with the external host of the Flash plugin, such as the web browser.
SWF Properties
SWF version
10
Compression
zlib
Frame size
800.0x600.0 px
Frame count
1
Duration
0.033 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
1
Total SWF tags
10
ActionScript 3 Packages
flash.display
flash.events
flash.external
flash.media
flash.net
flash.text
flash.utils
SWF metadata
Referenced URLs
ExifTool file metadata
MIMEType
application/x-shockwave-flash

Publisher
unknown

Description
http://www.adobe.com/products/flex

Language
EN

Creator
unknown

FileType
SWF

Format
application/x-shockwave-flash

FrameRate
30

FlashVersion
10

Date
Jul 5, 2013

FileAccessDate
2014:06:04 11:23:25+01:00

Title
Adobe Flex 3 Application

Compressed
True

ImageWidth
800

Duration
0.03 s

ImageHeight
600

FileAttributes
UseNetwork, ActionScript3, HasMetadata

FileCreateDate
2014:06:04 11:23:25+01:00

FrameCount
1

ImageSize
800x600

Compressed bundles
File identification
MD5 e2fe34c58765b4f6e41e4b096203d04a
SHA1 81fe2ae7a685014cafc12c3abbcc5ffc9ab27b7e
SHA256 e4c4fabbb62effead9ca17ec0bcd1ccfab5a328a0d008f2b14c7c1a129e6be6e
ssdeep
96:rfogvfZuARP3IFVBOH0FYjXIyEWAPryl6u1DNK0e8z07s9qSiPWzzcc5:TNHRP32B00FYjXfEZFiDE0eM0tWnH5

File size 5.7 KB ( 5820 bytes )
File type Flash
Magic literal
Macromedia Flash data (compressed), version 10

TrID Macromedia Flash Player Compressed Movie (100.0%)
Tags
exploit flash cve-2013-3163 ext-interface

VirusTotal metadata
First submission 2013-07-05 18:23:13 UTC ( 1 year, 10 months ago )
Last submission 2013-07-13 12:57:44 UTC ( 1 year, 10 months ago )
File names swfsploit1.sw
e2fe34c58765b4f6e41e4b096203d04a.exe
vti-rescan
e2fe34c58765b4f6e41e4b096203d04a
e4c4fabbb62effead9ca17ec0bcd1ccfab5a328a0d008f2b14c7c1a129e6be6e
movie.swf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!