SWF_EXPLOIT.YL

 Analysis by: Nikko Tamana

 ALIASES:

Exp/20130633-A (Sophos), SWF/Exploit.AG (AVG), Virus.SWF.Exploit (Ikarus), TrojanDownloader:Win32/Small.gen!AP (Microsoft), Exploit.SWF.CVE-2013-0634 (Sunbelt)

 PLATFORM:

Windows 2000, Windows Server 2003, Windows XP (32-bit, 64-bit), Windows Vista (32-bit, 64-bit), Windows 7 (32-bit, 64-bit)

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:

  • Threat Type: Trojan

  • Destructiveness: No

  • Encrypted:

  • In the wild: Yes

  OVERVIEW

Infection Channel:

Downloaded from the Internet, Dropped by other malware

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

  TECHNICAL DETAILS

File Size:

35,446 bytes

File Type:

SWF

Initial Samples Received Date:

21 Jun 2013

Payload:

Executes files

Arrival Details

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

NOTES:
This is Trend Micro detection for specially crafted .SWF file that takes advantage of a vulnerability in certain versions of Adobe Flash Player.