» adobe_flash_player.exe
Overview
Analysis
File Details
Downloads (1)

adobe_flash_player.exe

NET SOFTWARES

The executable adobe_flash_player.exe has been detected as malware by 13 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from storage.googleapis.com.

File name:

Publisher:

NET SOFTWARES

Description:

NET SOFTWARES

Version:

7.6.13.5

MD5:

e00270c596b49884d67e80da4550623e

SHA-1:

eb2de7a88fd8a39c4005f1730b1be9cc4635eb74

SHA-256:

f98ba209527f1f1c2eb16ce067c1fbf4ce66f7106bef00a97cf2d8172107ffec

Scanner detections:

13 / 68

Status:

Malware

Analysis date:

4/25/2024 3:39:17 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Symmi.55177

536

AhnLab V3 Security

Malware/Win32.Generic

2015.08.18

Arcabit

Trojan.Symmi.DD789

1.0.0.425

Bitdefender

Gen:Variant.Symmi.55177

1.0.20.1150

Bkav FE

HW32.Packed

1.3.0.7062

Emsisoft Anti-Malware

Gen:Variant.Symmi.55177

8.15.08.18.01

F-Secure

Gen:Variant.Symmi.55177

11.2015-18-08_3

G Data

Gen:Variant.Symmi.55177

15.8.25

IKARUS anti.virus

Trojan-Spy.Win32.Banker.add

t3scan.1.9.5.0

K7 AntiVirus

Trojan

13.2016914

MicroWorld eScan

Gen:Variant.Symmi.55177

16.0.0.690

Qihoo 360 Security

HEUR/QVM19.1.Malware.Gen

1.0.0.1015

Vba32 AntiVirus

Trojan.Svchost.5505

3.12.26.4

File size:

1.1 MB (1,152,131 bytes)

Product version:

1.0.0.0

File type:

Executable application (Win32 EXE)

Language:

Urdu (Paquistão)

Common path:

C:\users\{user}\downloads\adobe_flash_player.exe

File PE Metadata

Compilation timestamp:

6/19/1992 7:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:b5TaiPEalzuUkBbSmrMJ1tUfde6LYZ+w//mSYoToq1EPWRDhV:9P3lzF0lgJOdPw+aoSEOj

Entry address:

0x250000

Entry point:

60, 4D, D3, D9, F8, 49, 66, 8B, EA, 4A, 8B, CF, 0F, 86, 03, 00, 00, 00, 66, 8B, EA, 81, CE, 94, 27, BB, 35, 87, F5, BA, AB, 00, 65, 00, 76, 03, C1, C0, 9D, F8, BF, 29, EC, 7A, 5D, F9, 81, F7, 32, B2, 7A, 0E, 13, E9, 0F, 83, 02, 00, 00, 00, 87, F0, BB, 56, 9D, A2, 9A, 4E, 81, F3, 7B, 9D, A2, 9A, F8, 66, BE, DD, 27, 8B, 0A, 71, 01, 46, 03, CF, 66, D3, E6, 85, EE, C1, C9, 07, 45, 83, C2, 04, 2B, 0A, 83, EA, 04, E9, 07, 00, 00, 00, 70, 04, 66, B8, A9, DE, F8, 89, 0A, 0F, 88, 01, 00, 00, 00, F8, 81, F7, 18, D6... 
[+]

Code size:

2.4 MB (2,539,008 bytes)

The file adobe_flash_player.exe has been seen being distributed by the following URL.

https://storage.googleapis.com/adobe-flash-player/.../Adobe_Flash_Player.exe

Remove adobe_flash_player.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.