adobe_flash_player.exe

PDF FILE CREATOR

The executable adobe_flash_player.exe has been detected as malware by 14 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from storage.googleapis.com and multiple other hosts.

Publisher: PDF FILE CREATOR
Description: PDF FILE CREATOR
Version: 1014.996.2365.2569
MD5: fd4de267ad9774118e37226e0bc80fc9
SHA-1: 98112b258fa79533340d1ad9065b657bd3fd5ab5
SHA-256: 9e392146162d2a6caaf887b1a1b18c4562e45420c96ad8e5a6725202d620db38
Scanner detections: 14 / 68
Status: Malware
Analysis date: 4/19/2024 6:47:12 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Strictor.87507 | 380 |
| AhnLab V3 Security | Trojan/Win32.Inject | 2015.05.30 |
| Bitdefender | Gen:Variant.Strictor.87507 | 1.0.20.105 |
| Emsisoft Anti-Malware | Gen:Variant.Strictor.87507 | 8.16.01.21.07 |
| F-Secure | Gen:Variant.Strictor.87507 | 11.2016-21-01_5 |
| G Data | Gen:Variant.Strictor.87507 | 16.1.25 |
| IKARUS anti.virus | Win32.SuspectCrc | t3scan.1.9.2.0 |
| Kaspersky | UDS:DangerousObject.Multi.Generic | 14.0.0.783 |
| Malwarebytes | Trojan.Banker.ABRA | v2016.01.21.07 |
| McAfee | Artemis!FD4DE267AD97 | 5600.6514 |
| MicroWorld eScan | Gen:Variant.Strictor.87507 | 17.0.0.63 |
| NANO AntiVirus | Trojan.Win32.Banload.dshayl | 0.30.24.1636 |
| Panda Antivirus | Trj/Genetic.gen | 16.01.21.07 |
| Trend Micro House Call | Suspicious_GEN.F47V0526 | 7.2.21 |

File size: 2 MB (2,089,472 bytes)
Product version: 1.0.0.0
File type: Executable application (Win32 EXE)
Language: Russian (Russia)
Common path: C:\users\{user}\downloads\adobe_flash_player.exe

File PE Metadata

Compilation timestamp: 6/19/1992 7:22:17 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 2.25
CTPH (ssdeep): 49152:anmWd1YLB6jjUAeEGOg6CuUrRppiPNm6elTPYhn:anbW63ZeEGO7C/Rp76+M
Entry address: 0x1BF378

Entry point:
55, 8B, EC, 83, C4, F0, B8, A0, EA, 5B, 00, E8, 50, 7E, E4, FF, 68, EC, F3, 5B, 00, 6A, 00, 6A, 00, E8, 02, 82, E4, FF, E8, 85, 83, E4, FF, 3D, B7, 00, 00, 00, 75, 07, 33, C0, E8, 73, 55, E4, FF, A1, 8C, A5, 5C, 00, 8B, 00, E8, 0F, 6E, EA, FF, 8B, 0D, 00, A8, 5C, 00, A1, 8C, A5, 5C, 00, 8B, 00, 8B, 15, 68, CE, 5B, 00, E8, 0F, 6E, EA, FF, A1, 8C, A5, 5C, 00, 8B, 00, C6, 40, 5B, 00, A1, 8C, A5, 5C, 00, 8B, 00, E8, 78, 6E, EA, FF, E8, 5B, 54, E4, FF, 00, 00, 00, 49, 4A, 48, 49, 53, 48, 38, 39, 38, 00, 00, 00...
 

Developed / compiled with: Microsoft Visual C++
Code size: 1.7 MB (1,827,840 bytes)

The file adobe_flash_player.exe has been seen being distributed by the following 2 URLs.
