adobe_flash_player_05_08_2015.exe

The executable adobe_flash_player_05_08_2015.exe has been detected as malware by 24 anti-virus scanners. This is a setup program which is used to install the application. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from storage.googleapis.com and multiple other hosts.
MD5: fcb98f22cd34adacd6266fec65e41002
SHA-1: ac25c364d11291c6fc092ff765ea460a8daf5948
SHA-256: a777b1c92ab7212fe95c107971e0d5c04960bef19a09fdafc24786466eeea3de
Scanner detections: 24 / 68
Status: Malware
Analysis date: 4/26/2024 7:16:48 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.2623196 | 527 |
| Avira AntiVirus | TR/Griffin.233 | 8.3.1.6 |
| Arcabit | Trojan.Generic.D2806DC | 1.0.0.425 |
| avast! | Win32:Malware-gen | 2014.9-150826 |
| AVG | Downloader.Banload2 | 2016.0.3005 |
| Baidu Antivirus | Trojan.Win32.Banload | 4.0.3.15826 |
| Bitdefender | Trojan.GenericKD.2623196 | 1.0.20.1190 |
| Comodo Security | TrojWare.Win32.Trojan.Downloader.~A | 22991 |
| Emsisoft Anti-Malware | Trojan-Downloader.Win32.Banload | 8.15.08.26.01 |
| ESET NOD32 | Win32/TrojanDownloader.Banload.WCL (variant) | 9.12085 |
| Fortinet FortiGate | W32/Banload.WCL!tr.dldr | 8/26/2015 |
| F-Secure | Trojan.GenericKD.2623196 | 11.2015-26-08_4 |
| G Data | Trojan.GenericKD.2623196 | 15.8.25 |
| IKARUS anti.virus | Virus.Win32.DelfInject | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan-Downloader | 13.208.16871 |
| McAfee | Artemis!FCB98F22CD34 | 5600.6661 |
| Microsoft Security Essentials | TrojanDownloader:Win32/Pumba.D | 1.1.11903.0 |
| MicroWorld eScan | Trojan.GenericKD.2623196 | 16.0.0.714 |
| nProtect | Trojan.GenericKD.2623196 | 15.08.12.01 |
| Panda Antivirus | Trj/CI.A | 15.08.26.01 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro | TROJ_GEN.R000C0EHB15 | 10.465.26 |
| VIPRE Antivirus | Trojan.Win32.Generic | 42832 |
| Zillya! Antivirus | Downloader.Banload.Win32.66085 | 2.0.0.2350 |

File size: 2.3 MB (2,443,264 bytes)
File type: Executable application (Win32 EXE)
Common path: C:\users\{user}\downloads\adobe_flash_player_05_08_2015.exe

File PE Metadata
Compilation timestamp: 6/19/1992 7:22:17 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 2.25
CTPH (ssdeep): 49152:YWEJRD6lYlmglDaPrWGnKRpi++hZ8KaVQvCygeoVhTGTP0:YW2kQD+WU+pLYyKaVQKygBC0
Entry address: 0x20872C

Entry point:
55, 8B, EC, 83, C4, F0, B8, 8C, 80, 60, 00, E8, 08, E8, DF, FF, 68, C4, 87, 60, 00, 6A, 00, 6A, 00, E8, F6, EA, DF, FF, E8, 89, EC, DF, FF, 3D, B7, 00, 00, 00, 75, 0C, A1, D8, 5E, 61, 00, 8B, 00, E8, 7A, 18, E7, FF, A1, D8, 5E, 61, 00, 8B, 00, E8, EA, 16, E7, FF, 6A, EC, A1, D8, 5E, 61, 00, 8B, 00, 8B, 40, 30, 50, E8, 80, F5, DF, FF, 0D, 80, 00, 00, 00, 50, 6A, EC, A1, D8, 5E, 61, 00, 8B, 00, 8B, 40, 30, 50, E8, D8, F7, DF, FF, 8B, 0D, 78, 61, 61, 00, A1, D8, 5E, 61, 00, 8B, 00, 8B, 15, 10, 5D, 60, 00, E8...
 

Developed / compiled with: Microsoft Visual C++
Code size: 2 MB (2,127,872 bytes)

The file adobe_flash_player_05_08_2015.exe has been seen being distributed by the following 2 URLs.
