adobe-flash-player-2015.exe

FLASH ACTIVEX

The executable adobe-flash-player-2015.exe has been detected as malware by 21 anti-virus scanners. This is a setup program which is used to install the application. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from storage.googleapis.com.
Publisher:
FLASH ACTIVEX

Description:
FLASH ACTIVEX

Version:
1012.890.995.12125

MD5:
221ad45d39c066fe698aff4d89fc2435

SHA-1:
122e967ce854435d9c5a8122800eacf752d6e0e4

SHA-256:
8ad41607c777b6eb531fc4c12c563584424334344c7e73cf4be004505efcf6cf

Scanner detections:
21 / 68

Status:
Malware

Analysis date:
5/14/2024 8:54:37 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | Trojan.DL.Banload | 7.1.1 |
| Avira AntiVirus | TR/Dldr.Banload.1160192 | 8.3.2.2 |
| avast! | Win32:Banker-MMJ [Trj] | 2014.9-151127 |
| AVG | Downloader.Banload2 | 2016.0.2912 |
| Baidu Antivirus | Trojan.Win32.Banload | 4.0.3.151127 |
| Emsisoft Anti-Malware | Trojan-Downloader.Win32.Banload | 8.15.11.27.08 |
| ESET NOD32 | Win32/TrojanDownloader.Banload.WPK (variant) | 9.12514 |
| Fortinet FortiGate | W32/Banload.WPK!tr.dldr | 11/27/2015 |
| IKARUS anti.virus | Trojan-Downloader.Win32.Banload | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan-Downloader | 13.212.17745 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.1056 |
| Malwarebytes | Trojan.Banload | v2015.11.27.08 |
| McAfee | Artemis!221AD45D39C0 | 5600.6568 |
| Microsoft Security Essentials | TrojanDownloader:Win32/Banload.BEW | 1.1.12205.0 |
| Panda Antivirus | Trj/CI.A | 15.11.27.08 |
| Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D [F] | 23.00.65.151125 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro | TROJ_GEN.R00GC0DJN15 | 10.465.27 |
| VIPRE Antivirus | Trojan.Win32.Generic | 45002 |
| ViRobot | Trojan.Win32.Z.Banload.1160192[h] | 2014.3.20.0 |
| Zillya! Antivirus | Downloader.Banload.Win32.68150 | 2.0.0.2493 |

File size:
1.1 MB (1,160,192 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
Belarusian (Republic of Belarus)

Common path:
C:\users\{user}\downloads\adobe-flash-player-2015.exe

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:LuT1pGIqW5AiRrPZ4QoeL6IJGTw8+iAQTU+/hfv:LuL7DZ41eOIJ21jTP/t

Entry address:
0xDB7F8

Entry point:
55, 8B, EC, 83, C4, F0, B8, D8, B2, 16, 00, E8, E4, B1, F2, FF, 68, 90, B8, 16, 00, 6A, 00, 6A, 00, E8, B6, B4, F2, FF, E8, 31, B6, F2, FF, 3D, B7, 00, 00, 00, 75, 0C, A1, F0, 51, 17, 00, 8B, 00, E8, AA, BD, F8, FF, A1, F0, 51, 17, 00, 8B, 00, E8, 1A, BC, F8, FF, 6A, EC, A1, F0, 51, 17, 00, 8B, 00, 8B, 40, 30, 50, E8, 58, BD, F2, FF, 0D, 80, 00, 00, 00, 50, 6A, EC, A1, F0, 51, 17, 00, 8B, 00, 8B, 40, 30, 50, E8, 58, BF, F2, FF, 8B, 0D, F4, 51, 17, 00, A1, F0, 51, 17, 00, 8B, 00, 8B, 15, A4, 95, 16, 00, E8...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
874.5 KB (895,488 bytes)

The file adobe-flash-player-2015.exe has been seen being distributed by the following URL.
