adobe flash player 2015 _.exe

The executable adobe flash player 2015 _.exe has been detected as malware by 27 anti-virus scanners. This is a setup program which is used to install the application. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from storage.googleapis.com and multiple other hosts.
MD5: dc7a06860b4ddc3963facb54656c776e

SHA-1: 199e197ee89ada026b403499b367ddbf4c19f75a

SHA-256: 2fd3db80a42ccc3121e52b49f37a5f6c6d82f1abb84d7404cac501280dc87300

Scanner detections: 27 / 68

Status: Malware

Analysis date: 4/18/2024 11:29:47 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Graftor.249117 | 396 |
| Agnitum Outpost | Trojan.Agent | 7.1.1 |
| AhnLab V3 Security | Malware/Win32.Generic | 2015.12.11 |
| Avira AntiVirus | TR/Dldr.Banload.830 | 8.3.2.4 |
| Arcabit | Trojan.Graftor.D3CD1D | 1.0.0.629 |
| avast! | Win32:Malware-gen | 2014.9-160105 |
| AVG | Downloader.Banload2 | 2017.0.2874 |
| Baidu Antivirus | Trojan.Win32.Banload | 4.0.3.1615 |
| Bitdefender | Gen:Variant.Graftor.249117 | 1.0.20.25 |
| Dr.Web | Trojan.DownLoader17.48772 | 9.0.1.05 |
| Emsisoft Anti-Malware | Gen:Variant.Graftor.249117 | 8.16.01.05.04 |
| ESET NOD32 | Win32/TrojanDownloader.Banload.WRY (variant) | 10.12706 |
| Fortinet FortiGate | W32/Banload.WQS!tr.dldr | 1/5/2016 |
| F-Secure | Gen:Variant.Graftor.249117 | 11.2016-05-01_3 |
| G Data | Gen:Variant.Graftor.249117 | 16.1.25 |
| IKARUS anti.virus | Trojan-Downloader.Win32.Banload | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan-Downloader | 13.212.18079 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.864 |
| McAfee | GenericR-FBP!DC7A06860B4D | 5600.6530 |
| Microsoft Security Essentials | TrojanDownloader:Win32/Banload.BFL | 1.1.12300.0 |
| MicroWorld eScan | Gen:Variant.Graftor.249117 | 17.0.0.15 |
| NANO AntiVirus | Trojan.Win32.DownLoader17.dytdtj | 1.0.10.5081 |
| Panda Antivirus | Trj/GdSda.A | 16.01.05.04 |
| Quick Heal | TrojanDownloader.Banload.g8 | 1.16.14.00 |
| Trend Micro | TROJ_GEN.R00XC0DKH15 | 10.465.05 |
| VIPRE Antivirus | Trojan.Win32.Generic | 45760 |
| Zillya! Antivirus | Worm.Allaple.Win32.30326 | 2.0.0.2560 |

File size: 1.5 MB (1,606,144 bytes)

File type: Executable application (Win32 EXE)

Common path: C:\users\{user}\downloads\adobe flash player 2015 _.exe

File PE Metadata

Compilation timestamp: 6/19/1992 7:22:17 PM

OS version: 4.0

OS bitness: Win32

Subsystem: Windows GUI

Linker version: 2.25

CTPH (ssdeep): 24576:k412dv778IWDA8YhKhn2jq/6gLGJcXz6EOCnBNYRsUmcDk2vBkH5dtRTedTU+XAn:t12pqkqys9XzKCAzk25kH5dtRTATPq

Entry address: 0x153028

Entry point: 55, 8B, EC, 83, C4, F0, B8, C0, 29, 55, 00, E8, 0C, 3B, EB, FF, 68, C0, 30, 55, 00, 6A, 00, 6A, 00, E8, BA, 3D, EB, FF, E8, 55, 3F, EB, FF, 3D, B7, 00, 00, 00, 75, 0C, A1, D0, 05, 56, 00, 8B, 00, E8, 82, 2A, F1, FF, A1, D0, 05, 56, 00, 8B, 00, E8, F2, 28, F1, FF, 6A, EC, A1, D0, 05, 56, 00, 8B, 00, 8B, 40, 30, 50, E8, 14, 47, EB, FF, 0D, 80, 00, 00, 00, 50, 6A, EC, A1, D0, 05, 56, 00, 8B, 00, 8B, 40, 30, 50, E8, 2C, 49, EB, FF, 8B, 0D, D4, 05, 56, 00, A1, D0, 05, 56, 00, 8B, 00, 8B, 15, 00, 0F, 55, 00, E8...

Developed / compiled with: Microsoft Visual C++

Code size: 1.3 MB (1,384,960 bytes)

The file adobe flash player 2015 _.exe has been seen being distributed by the following 2 URLs.
