» adskflex.exe
Overview
Analysis
File Details

adskflex.exe

The executable adskflex.exe has been detected as malware by 38 anti-virus scanners. Infected by a mass-mailing worm and virus that sends itself to email addresses gathered from the compromised computer and exploits remote vulnerabilities and attempts to infect files.

File name:

adskflex.exe

MD5:

fca3b5336e4122ada73edd9a4ab22e36

SHA-1:

c7e4407626e99d4d2a67a879ab7f777d914aff89

SHA-256:

e63f1c75ac1d449f18caaa6815a540d01c15ccfdef38c7d250b238b4a04be510

Scanner detections:

38 / 68

Status:

File is infected by a Virus

Explanation:

The file is infected by a polymorphic file infector virus.

Analysis date:

4/25/2024 12:44:08 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Win32.Runouce.B@mm

833

Agnitum Outpost

I-Worm.Chir.B

7.1.1

AhnLab V3 Security

Win32/ChiHack.6652

14.10.24

Avira AntiVirus

W32/Chir.B

7.11.141.154

avast!

Win32:Oncer

2014.9-140813

AVG

Win32/Chir.B@mm

2015.0.3311

Baidu Antivirus

Virus.Win32.Runouce.$a

4.0.3.141024

Bitdefender

Win32.Runouce.B@mm

1.0.20.1485

Bkav FE

W32.ChirBPE

1.3.0.4959

Comodo Security

EmailWorm.Win32.Runonce.~v001

18058

Dr.Web

Win32.Runonce.6652

9.0.1.0297

Emsisoft Anti-Malware

Win32.Runouce.B@mm

8.14.10.24.11

ESET NOD32

Win32/Madang (variant)

8.9639

Fortinet FortiGate

W32/Chir.B@mm

10/24/2014

F-Prot

W32/Thecid.B@mm

v6.4.7.1.166

F-Secure

Win32.Runouce.B@mm

11.2014-24-10_6

G Data

Win32.Runouce.B@mm

14.10.24

IKARUS anti.virus

Email-Worm.Win32.Runouce

t3scan.2.2.29

K7 AntiVirus

EmailWorm

13.176.11663

Kaspersky

Email-Worm.Win32.Runouce

14.0.0.3050

Malwarebytes

Virus.Chir

v2014.10.24.11

McAfee

W32/Chir.b@MM

5600.6967

Microsoft Security Essentials

Virus:Win32/Chir.B@mm

1.10401

MicroWorld eScan

Win32.Runouce.B@mm

15.0.0.891

NANO AntiVirus

Virus.Win32.Runouce.bxafx

0.28.0.58873

Norman

Agent.VAFM

11.20141024

nProtect

Win32.Runouce.B@mm

14.04.06.01

Panda Antivirus

W32/Chir.B

14.10.24.11

Qihoo 360 Security

Virus.Win32.CNHacker.C

1.0.0.1015

Quick Heal

W32.Runouce.B

10.14.12.00

Rising Antivirus

PE:Worm.ChineseHacker-2!23772

23.00.65.141022

Sophos

W32/Chir-A

4.98

Total Defense

Win32/Chir.B

37.0.10861

Trend Micro House Call

WORM_CHIR1

7.2.297

Trend Micro

WORM_CHIR1

10.465.24

Vba32 AntiVirus

Virus.Win32.Chur.A

3.12.26.0

VIPRE Antivirus

Win32.chir.b

28078

ViRobot

Win32.Chir.B

2011.4.7.4223

File size:

1.1 MB (1,159,168 bytes)

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

7/12/2005 9:24:01 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

7.10

CTPH (ssdeep):

24576:JSO7nDJaueI/kB9kSkzdCnNOcl8Feqqa0OBS+n7h5vs8yLo:n7nVaueI/kB9kcnqmOBp95vs8y

Entry address:

0x97CA5

Entry point:

6A, 18, 68, C8, 10, 4F, 00, E8, 37, 3D, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, D3, FE, FF, FF, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, 4C, E2, 4E, 00, 8B, 4E, 10, 89, 0D, 48, 1D, 51, 00, 8B, 46, 04, A3, 54, 1D, 51, 00, 8B, 56, 08, 89, 15, 58, 1D, 51, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, 4C, 1D, 51, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, 4C, 1D, 51, 00, C1, E0, 08, 03, C2, A3, 50, 1D, 51, 00, 33, FF, 57, FF, 15, 64, E0, 4E, 00, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03, C8, 81... 
[+]

Developed / compiled with:

Microsoft Visual C++ v7.0

Code size:

948 KB (970,752 bytes)

Remove adskflex.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.