× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e4c4fabbb62effead9ca17ec0bcd1ccfab5a328a0d008f2b14c7c1a129e6be6e
File name: E2FE34C58765B4F6E41E4B096203D04A.swf
Detection ratio: 38 / 55
Analysis date: 2016-11-13 10:26:09 UTC ( 2 weeks, 6 days ago )
Antivirus Result Update
ALYac Script.SWF.C71 20161113
AVG SWF/Exploit.AR 20161113
Ad-Aware Script.SWF.C71 20161113
AegisLab Exploit.Swf.Cve!c 20161113
AhnLab-V3 SWF/Cve-2013-3163 20161112
Antiy-AVL Trojan[Exploit]/SWF.CVE-2013-3163.c 20161113
Arcabit Script.SWF.C71 20161113
Avast SWF:Agent-CO [Expl] 20161113
Avira (no cloud) EXP/CVE-2013-3163 20161113
BitDefender Script.SWF.C71 20161113
CAT-QuickHeal SWF.GenSusp.E 20161112
ClamAV Win.Exploit.CVE_2013_3163-3 20161113
Comodo UnclassifiedMalware 20161113
Cyren SWF/CVE133163 20161113
ESET-NOD32 SWF/Exploit.CVE-2013-3163.A 20161113
Emsisoft Script.SWF.C71 (B) 20161113
F-Prot SWF/CVE133163 20161113
F-Secure Script.SWF.C71 20161113
Fortinet SWF/Exp.BX!exploit 20161113
GData Script.SWF.C71 20161113
Ikarus Exploit.SWF 20161113
K7AntiVirus Trojan ( 0001140e1 ) 20161113
K7GW Trojan ( 0001140e1 ) 20161113
Kaspersky Exploit.SWF.CVE-2013-3163.c 20161113
McAfee Exploit-CVE2013-3163 20161113
McAfee-GW-Edition BehavesLike.Flash.BadDownload.ll 20161113
eScan Script.SWF.C71 20161113
Microsoft Exploit:SWF/CVE-2013-3163 20161113
NANO-Antivirus Trojan.Swf.Mlw.ebqwqz 20161113
Panda Exploit/CVE-2013-3163 20161113
Qihoo-360 susp.swf.qexvmI.100 20161113
Sophos Troj/SWFExp-BX 20161113
Symantec Downloader.Swif 20161113
Tencent Win32.Exploit.Cve-2013-3163.Also 20161113
TrendMicro SWF_EXPLYT.DSB 20161113
TrendMicro-HouseCall SWF_EXPLYT.DSB 20161113
ViRobot SWF.S.CVE-2013-3163.5820[h] 20161113
Zillya Downloader.OpenConnection.JS.103680 20161111
AVware 20161113
Alibaba 20161110
Baidu 20161111
Bkav 20161112
CMC 20161113
CrowdStrike Falcon (ML) 20161024
DrWeb 20161113
Invincea 20161018
Jiangmin 20161113
Kingsoft 20161113
Malwarebytes 20161113
Rising 20161113
SUPERAntiSpyware 20161112
TheHacker 20161111
TotalDefense 20161113
VBA32 20161111
VIPRE 20161113
Yandex 20161112
Zoner 20161113
nProtect 20161113
The file being studied is a SWF file! SWF files deliver vector graphics, text, video, and sound over the Internet.
Commonly abused SWF properties
The studied SWF file makes use of ActionScript3, some exploits have been found in the past targeting the ActionScript Virtual Machine. ActionScript has also been used to force unwanted redirections and other badness. Note that many legitimate flash files may also use it to implement rich content and animations.
The flash file uses methods of the ExternalInterface class to communicate with the external host of the Flash plugin, such as the web browser.
SWF Properties
SWF version
10
Compression
zlib
Frame size
800.0x600.0 px
Frame count
1
Duration
0.033 seconds
File attributes
HasMetadata, ActionScript3, UseNetwork
Unrecognized SWF tags
1
Total SWF tags
10
ActionScript 3 Packages
flash.display
flash.events
flash.external
flash.media
flash.net
flash.text
flash.utils
SWF metadata
Referenced URLs
ExifTool file metadata
MIMEType
application/x-shockwave-flash

Publisher
unknown

Megapixels
0.48

Description
http://www.adobe.com/products/flex

Language
EN

Format
application/x-shockwave-flash

FlashAttributes
UseNetwork, ActionScript3, HasMetadata

Title
Adobe Flex 3 Application

FrameRate
30

FlashVersion
10

Duration
0.03 s

Creator
unknown

FileTypeExtension
swf

Compressed
True

ImageWidth
800

Date
Jul 5, 2013

ImageHeight
600

Warning
[minor] Fixed incorrect URI for xmlns:dc

FileType
SWF

FrameCount
1

ImageSize
800x600

Compressed bundles
File identification
MD5 e2fe34c58765b4f6e41e4b096203d04a
SHA1 81fe2ae7a685014cafc12c3abbcc5ffc9ab27b7e
SHA256 e4c4fabbb62effead9ca17ec0bcd1ccfab5a328a0d008f2b14c7c1a129e6be6e
ssdeep
96:rfogvfZuARP3IFVBOH0FYjXIyEWAPryl6u1DNK0e8z07s9qSiPWzzcc5:TNHRP32B00FYjXfEZFiDE0eM0tWnH5

File size 5.7 KB ( 5820 bytes )
File type Flash
Magic literal
Macromedia Flash data (compressed), version 10

TrID Macromedia Flash Player Compressed Movie (100.0%)
Tags
flash exploit zlib cve-2013-3163 ext-interface

VirusTotal metadata
First submission 2013-07-05 18:23:13 UTC ( 3 years, 5 months ago )
Last submission 2015-06-24 17:06:50 UTC ( 1 year, 5 months ago )
File names swfsploit1.sw
E2FE34C58765B4F6E41E4B096203D04A.swf
e2fe34c58765b4f6e41e4b096203d04a.exe
vti-rescan
e2fe34c58765b4f6e41e4b096203d04a
e4c4fabbb62effead9ca17ec0bcd1ccfab5a328a0d008f2b14c7c1a129e6be6e
movie.swf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!