MALICIOUS
122
Risk Score
Malware Insights
MITRE ATT&CK
T1203 Exploitation for Client Execution
The sample is identified as malicious due to the presence of an embedded Adobe Flash (SWF) file, a known vector for exploits. ClamAV detection confirms this, specifically flagging it as BC.Legacy.Exploit.CVE_2012_1535-2. The embedded SWF suggests an attempt to exploit client-side vulnerabilities, likely for arbitrary code execution. An unknown reputation URL was also extracted.
Heuristics 3
-
ClamAV: BC.Legacy.Exploit.CVE_2012_1535-2 critical CLAMAV_DETECTIONClamAV detected this file as malware: BC.Legacy.Exploit.CVE_2012_1535-2
-
Embedded Adobe Flash (SWF) in OLE document critical OFFICE_EMBEDDED_SWFDocument contains an embedded Adobe Flash (SWF) object. Vulnerabilities such as CVE-2018-4878 and CVE-2018-15982 involved Flash objects embedded in Office files. Adobe Flash has been end-of-life since December 2020.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://www.typodermic.com In document text (OLE body)
- http://www.w3.org/1999/02/22-rdf-syntax-ns#In document text (OLE body)
- http://purl.org/dc/elements/1.1In document text (OLE body)
- http://www.adobe.com/products/flexIn document text (OLE body)
- http://www.adobe.com/2006/flex/mx/internalIn document text (OLE body)
- http://adobe.com/AS3/2006/builtinIn document text (OLE body)
Open this report in the interactive analyzer, or submit your own file for analysis.