The SWF has been analysed. We find this URL in the code:
The allowed countries for this particular malicious campaign are ZA, US and UK
220.127.116.11-18.104.22.168 Hop One Internet Corporation
22.214.171.124-126.96.36.199 (Internet Solutions (Pty) Ltd (South Africa)
Banned cities: Johannesburg, Tukwila
Kudos to Kimberley for decrypting the SWF contents.