adobe flash player 2015.exe

SAPO

The executable adobe flash player 2015.exe has been detected as malware by 15 of 68 anti-virus scanners. It is a setup program that installs an application. According to AVG, the setup downloads additional adware offers, and six of the engines classify the file as a variant of the Banload trojan-downloader family (see the detection table). Despite its name, the file is not signed by Adobe: the signer is SAPO (see Digital Signature). The file has been seen being downloaded from bit.ly and multiple other hosts.
Publisher:
SAPO  (signed and verified)

MD5:
e24d301ec418f45021ea55869f0c7d3d

SHA-1:
108181c5337d7c69544c1fd28757be3b4bf3355e

SHA-256:
256b1f13cbc489616ce5da4a7ddb2ca3c70c200c5d431dd9865e9cb9b52be200

Scanner detections:
15 / 68

Status:
Malware

Analysis date:
4/25/2024 4:57:27 AM UTC (rendered at page-load time; the engine versions in the table below all date from October 2015, so the scan itself is older than this date)

Scan engine                    Detection                                      Engine version
avast!                         Win32:Malware-gen                              2014.9-151017
AVG                            Downloader.Banload2                            2016.0.2954
Baidu Antivirus                Trojan.Win32.Banload                           4.0.3.151017
Bitdefender                    Trojan.GenericKD.2795735                       1.0.20.1450
Emsisoft Anti-Malware          Trojan.GenericKD.2795735                       8.15.10.17.05
ESET NOD32                     Win32/TrojanDownloader.Banload.WOV (variant)   9.12413
Fortinet FortiGate             W32/Banload.WOV!tr.dldr                        10/17/2015
F-Secure                       Trojan.GenericKD.2795735                       11.2015-17-10_7
G Data                         Trojan.GenericKD.2795735                       15.10.25
IKARUS anti.virus              Trojan-Downloader.Win32.Banload                t3scan.1.9.5.0
Kaspersky                      UDS:DangerousObject.Multi.Generic              14.0.0.1264
Microsoft Security Essentials  TrojanDownloader:Win32/Banload                 1.1.12101.0
MicroWorld eScan               Trojan.GenericKD.2795735                       16.0.0.870
nProtect                       Trojan.GenericKD.2795735                       15.10.15.02
Sophos                         Mal/Generic-S                                  4.98

File size:
797.1 KB (816,248 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\adobe flash player 2015.exe

Digital Signature
Signed by:

Authority:
SAPO

Valid from:
6/5/2015 2:08:35 PM

Valid to:
6/5/2016 2:08:35 PM

Subject:
E=cmd@sapo.pt, CN=SAPO.PT, OU=SAPO Division of Protocol, O=SAPO, L=Opalo, S=Jobila, C=AS

Issuer:
E=cmd@sapo.pt, CN=SAPO.PT, OU=SAPO Division of Protocol, O=SAPO, L=Opalo, S=Jobila, C=AS

Serial number:
00A7AB2CD21ECC7345

Note: the Subject and Issuer fields are identical, so this is a self-signed certificate, not one chained to a trusted certification authority. Windows does not treat such a signer as a verified publisher unless the certificate has been added to the local trust store, so the "signed and verified" label above should not be read as vendor authentication. The subject also does not name Adobe, the vendor whose installer the filename imitates.

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM (the fixed TimeDateStamp 0x2A425E19, 1992-06-19 22:22:17 UTC, that Borland Delphi writes into every binary; it does not reflect when this file was actually built)

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25 (the Borland linker version reported by Delphi and C++Builder binaries)

CTPH (ssdeep):
24576:aKg8447xtW5AOm+1tQYptIiah5GTWro1a1TU+bl:7Q4QmYptGTTPJ

Entry address:
0xAA474

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, 64, A1, 4A, 00, E8, 9B, C1, F5, FF, 8B, 1D, D0, 2F, 4B, 00, 8B, 03, E8, 06, 5C, FB, FF, 8B, 0D, 24, 31, 4B, 00, 8B, 03, 8B, 15, 60, 4C, 4A, 00, E8, 0B, 5C, FB, FF, 8B, 0D, 68, 31, 4B, 00, 8B, 03, 8B, 15, EC, 8C, 4A, 00, E8, F8, 5B, FB, FF, 8B, 0D, 80, 2F, 4B, 00, 8B, 03, 8B, 15, 9C, 9F, 4A, 00, E8, E5, 5B, FB, FF, 8B, 03, C6, 40, 5B, 00, 8B, 03, E8, 58, 5C, FB, FF, 5B, E8, EA, 9A, F5, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Developed / compiled with:
Microsoft Visual C++ (as reported by the scanner; the PE metadata above, namely the fixed 1992-06-19 timestamp, linker version 2.25 and the entry-point prologue 55 8B EC 83 C4 F0 53 B8 ..., are the standard fingerprint of Borland Delphi, not of Visual C++)

Code size:
677.5 KB (693,760 bytes)
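The PE metadata above (the constant 1992 timestamp, the linker version, the entry-point bytes) and the Digital Signature block are what a header-level triage script pulls out of a sample. The following Python is an added example, not code from the scan page or from Reason Core Security. It uses only the standard library; it builds a constructed in-memory PE32 image that mirrors the page's reported values (it is not the real sample, and the certificate table it attaches is a zero-filled placeholder rather than a real PKCS#7 signature), decodes the fields into the form the page prints, flags the Delphi fingerprint, and shows why the digest an Authenticode signature covers differs from the page's SHA-256 of the whole file. The function names (parse_pe32, triage, authenticode_sha256, build_sample) are this example's own.

```python
# Added example (standard library only), not code from the scan page or from Reason Core
# Security; the sample image is constructed in memory to mirror the page's reported values.
import datetime
import hashlib
import struct

# 0x2A425E19 = 1992-06-19 22:22:17 UTC: the fixed stamp Delphi writes into every binary
DELPHI_CONSTANT_TIMESTAMP = 0x2A425E19
# push ebp; mov ebp,esp; add esp,-10h; push ebx; mov eax,imm32: Delphi's entry prologue
DELPHI_ENTRY_PROLOGUE = bytes.fromhex("558BEC83C4F053B8")

def parse_pe32(data):
    """Header fields the report shows, the section table and the security directory."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    _, nsect, tstamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic, lnk_major, lnk_minor = struct.unpack_from("<HBB", data, opt)
    if magic != 0x10B:
        raise ValueError("only PE32 (Win32) images are handled here")
    # per section: (VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData)
    sections = [struct.unpack_from("<8sIIII", data, opt + opt_size + 40 * i)[1:]
                for i in range(nsect)]
    return {
        "opt": opt, "timestamp": tstamp, "linker": "%d.%d" % (lnk_major, lnk_minor),
        "os_version": "%d.%d" % struct.unpack_from("<HH", data, opt + 40),
        "subsystem": struct.unpack_from("<H", data, opt + 68)[0],
        "entry_rva": struct.unpack_from("<I", data, opt + 16)[0], "sections": sections,
        # data directory 4 (SECURITY): file offset + size of the WIN_CERTIFICATE table that
        # holds the Authenticode PKCS#7 blob; both are zero when the file is unsigned
        "security_dir": struct.unpack_from("<II", data, opt + 128),
    }

def rva_to_offset(rva, sections):
    for vsize, vaddr, rawsize, rawptr in sections:
        if vaddr <= rva < vaddr + max(vsize, rawsize):
            return rawptr + (rva - vaddr)
    return None

def triage(data):
    """Decode the fields into the form the page prints and flag the Delphi fingerprint."""
    hdr = parse_pe32(data)
    off = rva_to_offset(hdr["entry_rva"], hdr["sections"])
    entry = bytes(data[off:off + 16]) if off is not None else b""
    ts = datetime.datetime.fromtimestamp(hdr["timestamp"], datetime.timezone.utc)
    # constant stamp + Borland linker 2.25 + prologue is the usual Delphi fingerprint
    marks = (hdr["timestamp"] == DELPHI_CONSTANT_TIMESTAMP, hdr["linker"] == "2.25",
             entry.startswith(DELPHI_ENTRY_PROLOGUE))
    return {
        "timestamp_utc": ts.strftime("%Y-%m-%d %H:%M:%S"),
        "timestamp_is_delphi_constant": marks[0],
        "linker_version": hdr["linker"], "os_version": hdr["os_version"],
        "subsystem": {2: "Windows GUI", 3: "Windows CUI"}.get(hdr["subsystem"], "other"),
        "entry_rva": hdr["entry_rva"], "entry_bytes": entry.hex(" ").upper(),
        "delphi_entry_prologue": marks[2],
        "has_authenticode_signature": hdr["security_dir"][1] > 0,
        "toolchain": "Borland Delphi" if all(marks) else "undetermined",
    }

def file_sha256(data):
    return hashlib.sha256(data).hexdigest()   # the page's SHA-256 field: the whole file

def authenticode_sha256(data):
    """Digest an Authenticode signature covers: the file minus the CheckSum field, the
    security directory entry and the certificate table, so attaching or stripping a
    signature leaves it unchanged. Simplified: assumes sections lie in file order."""
    hdr = parse_pe32(data)
    opt, (sec_off, sec_size) = hdr["opt"], hdr["security_dir"]
    skip = [(opt + 64, opt + 68), (opt + 128, opt + 136)]
    if sec_size:
        skip.append((sec_off, sec_off + sec_size))
    h, pos = hashlib.sha256(), 0
    for start, end in sorted(skip):
        h.update(data[pos:start])
        pos = end
    h.update(data[pos:])
    return h.hexdigest()

def build_sample(signed=True):
    """Constructed PE32 shaped after the page's metadata (not the real file): Delphi stamp,
    linker 2.25, OS 4.0, GUI subsystem, entry 0xAA474 in a 693,760-byte CODE section."""
    e_lfanew, entry_rva, code_va, code_size, code_raw = 0x80, 0xAA474, 0x1000, 0xA9600, 0x400
    img = bytearray(code_raw + code_size)
    img[:2], img[0x3C:0x40] = b"MZ", struct.pack("<I", e_lfanew)
    img[e_lfanew:e_lfanew + 4] = b"PE\0\0"
    coff = e_lfanew + 4   # i386, 1 section, Delphi stamp, 0xE0-byte optional header, EXE|32BIT
    struct.pack_into("<HHIIIHH", img, coff, 0x14C, 1, DELPHI_CONSTANT_TIMESTAMP, 0, 0, 0xE0, 0x0102)
    opt = coff + 20
    struct.pack_into("<HBB", img, opt, 0x10B, 2, 25)       # PE32 magic, linker 2.25
    struct.pack_into("<I", img, opt + 16, entry_rva)      # AddressOfEntryPoint
    struct.pack_into("<HH", img, opt + 40, 4, 0)          # OS version 4.0
    struct.pack_into("<H", img, opt + 68, 2)              # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<8sIIII", img, opt + 0xE0, b"CODE", code_size, code_va, code_size, code_raw)
    entry_off = code_raw + (entry_rva - code_va)          # the page's first entry-point bytes
    img[entry_off:entry_off + 17] = bytes.fromhex("558BEC83C4F053B864A14A00E89BC1F5FF")
    if signed:   # WIN_CERTIFICATE: dwLength, wRevision 0x0200, type PKCS_SIGNED_DATA, placeholder
        table = struct.pack("<IHH", 8 + 64, 0x0200, 0x0002) + bytes(64)
        struct.pack_into("<II", img, opt + 128, len(img), len(table))
        img += table
    return bytes(img)
```

Run triage(build_sample()) to see the constructed image decoded, or triage(open(path, "rb").read()) on a real Win32 sample. authenticode_sha256 is deliberately the header-only part of the story: it tells you which bytes the signature protects, not whether the signature is valid or who signed it; verifying the PKCS#7 blob and checking whether the signer certificate is self-signed (as the page's Subject and Issuer fields show here) still needs a signature library or Windows' own verifier.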

The file adobe flash player 2015.exe has been seen being distributed by 5 URLs, of which the page lists one (a bit.ly short link, so the final download host is not visible from the URL itself).

http://bit.ly/1hCYJvq

Remove adobe flash player 2015.exe - Powered by Reason Core Security