adobe flash.exe

Profile Viewers installer

rinim

The executable adobe flash.exe, “Deploy Profile Viewers browsers extension”, has been detected as malware by 4 anti-virus scanners. It is a self-extracting archive and installer, and it has been known to bundle potentially unwanted software.
Publisher:
rinim  (signed and verified)

Product:
Profile Viewers installer

Description:
Deploy Profile Viewers browsers extension

Version:
5.0.0

MD5:
27ca36d3a8a547a76d59dceead4a9ae5

SHA-1:
c34b3f229cda07761dc9a0cd2d1031036f156d6f

SHA-256:
75c3b020ec6e8c06f47c4e285924f423c9173611104818ad21eb9f3d8d9a7241

Scanner detections:
4 / 68

Status:
Malware

Analysis date:
12/12/2017 2:03:00 AM UTC  (today)

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Dr.Web | Trojan.AVKill.30540 | 9.0.1.0140 |
| McAfee | Artemis!27CA36D3A8A5 | 5600.6394 |
| McAfee Web Gateway | Artemis!27CA36D3A8A5 | 7.6394 |
| Microsoft Security Essentials | TrojanDropper:Win32/Febipos.C | 1.163.1557.0 |

File size:
4.3 MB (4,543,680 bytes)

Product version:
5.0.0

Copyright:
Facebook

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\adobe flash.exe

Digital Signature
Signed by:

Authority:
rinim

Valid from:
12/31/2012 2:00:00 PM

Valid to:
12/31/2018 2:00:00 PM

Subject:
CN=rinim

Issuer:
CN=rinim

Serial number:
3D9394A4D3EC5E8A45B5171E76F8199A

File PE Metadata
Compilation timestamp:
3/31/2013 7:40:23 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:mqAr71MSDvsSgwDJWFPRF4V5sUheW1TxBq/j3O:BMMSDv/jgL65sUhr57q/je

Entry address:
0x2034C

Entry point:
55, 8B, EC, 81, C4, D0, FE, FF, FF, 53, 56, 57, 33, C0, 89, 45, D0, 89, 45, EC, 89, 45, D8, 89, 45, D4, B8, F0, F3, 41, 00, E8, A0, 62, FE, FF, 33, C0, 55, 68, F2, 04, 42, 00, 64, FF, 30, 64, 89, 20, 33, C0, 55, 68, 7E, 04, 42, 00, 64, FF, 30, 64, 89, 20, B8, 0C, 05, 42, 00, E8, 52, C0, FF, FF, B8, 3C, 05, 42, 00, E8, 48, C0, FF, FF, B8, 6C, 05, 42, 00, E8, 3E, C0, FF, FF, 8D, 45, EC, 50, 8D, 45, D8, E8, 62, 5A, FF, FF, 8B, 45, D8, 89, 45, DC, C6, 45, E0, 0B, 8D, 55, D4, B8, 04, 00, 00, 00, E8, 6B, 60, FF...
 

Entropy:
7.9808

Developed / compiled with:
Microsoft Visual C++

Code size:
123 KB (125,952 bytes)
