Malware is embedded in Adobe Flash files in the form of a hidden iframe. This is an example of a malicious iframe injector written in Flash. The code is called ActionScript, which is designed specifically for Web site animation. ActionScript is a sophisticated version of the script language introduced in Flash 3. The iframe uses common malicious practices like negative absolute positioning, random numbers, and targets Windows Internet Explorer (MSIE) users only. The file leads to a malicious CGI script which forwards to an inaccessible blacklisted domain (this may change)”]
Source: https://blog.sucuri.net/2014/11/malicious-injector-in-swf-adobe-flash-file.html