adobe flash player_2015_.exe

MODULAR SOFTWARES

The executable adobe flash player_2015_.exe, published by “MODULAR SOFTWARES”, has been detected as malware by 17 anti-virus scanners. It is a setup program used to install the application. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from storage.googleapis.com.
Publisher:
MODULAR SOFTWARES

Description:
MODULAR SOFTWARES

Version:
103.301.9.5

MD5:
bc75e8d2858668a600b5e28833bd0102

SHA-1:
48920c1fd3168a71570fdd520a75de0a8054c8f0

Scanner detections:
17 / 68

Status:
Malware

Analysis date:
4/20/2024 4:18:47 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Symmi.56529 | 382 |
| Agnitum Outpost | Trojan.DL.Banload | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Banload | 2015.09.18 |
| Avira AntiVirus | TR/Dldr.Banload.749 | 8.3.2.2 |
| Arcabit | Trojan.Symmi.DDCD1 | 1.0.0.545 |
| AVG | Downloader.Banload2 | 2017.0.2860 |
| Bitdefender | Gen:Variant.Symmi.56529 | 1.0.20.95 |
| Emsisoft Anti-Malware | Gen:Variant.Symmi.56529 | 8.16.01.19.03 |
| ESET NOD32 | Win32/TrojanDownloader.Banload.WMB (variant) | 10.12272 |
| Fortinet FortiGate | W32/Banload.WMB!tr.dldr | 1/19/2016 |
| F-Secure | Gen:Variant.Symmi.56529 | 11.2016-19-01_3 |
| G Data | Gen:Variant.Symmi.56529 | 16.1.25 |
| K7 AntiVirus | Trojan-Downloader | 13.210.17253 |
| MicroWorld eScan | Gen:Variant.Symmi.56529 | 17.0.0.57 |
| NANO AntiVirus | Trojan.Win32.DownLoader16.dwzvdn | 0.30.24.3283 |
| Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D[F1] | 23.00.65.16117 |
| Sophos | Mal/Generic-S | 4.98 |

File size:
2.5 MB (2,657,280 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
Slovenian

Common path:
C:\documents and settings\condominio\meus documentos\downloads\adobe flash player_2015_.exe

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:rImAUhEGu+6/ldA6CtIW6cu2nIeUl17KiPNMyTaqtLTtTPvL:rI+EX/lUtOcuYfG17fTaqrv

Entry address:
0x233DC8

Entry point:
55, 8B, EC, 83, C4, F0, B8, D0, 33, 63, 00, E8, EC, 2F, DD, FF, 68, 60, 3E, 63, 00, 6A, 00, 6A, 00, E8, 62, 33, DD, FF, E8, ED, 34, DD, FF, 3D, B7, 00, 00, 00, 75, 0C, A1, 84, 1C, 64, 00, 8B, 00, E8, 3E, A4, E3, FF, A1, 84, 1C, 64, 00, 8B, 00, E8, AE, A2, E3, FF, 6A, EC, A1, 84, 1C, 64, 00, 8B, 00, 8B, 40, 30, 50, E8, B4, 3C, DD, FF, 0D, 80, 00, 00, 00, 50, 6A, EC, A1, 84, 1C, 64, 00, 8B, 00, 8B, 40, 30, 50, E8, E4, 3E, DD, FF, 8B, 0D, 0C, 1F, 64, 00, A1, 84, 1C, 64, 00, 8B, 00, 8B, 15, C0, 1A, 63, 00, E8...

Developed / compiled with:
Microsoft Visual C++

Code size:
2.2 MB (2,306,048 bytes)

The file adobe flash player_2015_.exe has been seen being distributed by the following URL.
