chromium_flash.x86_64.exe

Hudson CI Nightly

The executable chromium_flash.x86_64.exe has been detected as malware by 23 anti-virus scanners. This is a setup program which is used to install the application. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from hizli-seyret.googlecode.com.

Product: Hudson CI Nightly
Version: 1.2
MD5: 29a1b1677cbf1345c63b0c047f875036
SHA-1: d9c58b150596e2ed7ec758436ebfb0c90ad57e82
SHA-256: 2b3653d3dea8a90ab2627f2c64b32e7d7bf830c951a0f12c811198bdd0d87b2c
Scanner detections: 23 / 68
Status: Malware
Analysis date: 4/26/2024 8:51:37 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Kazy.367484 | 1014 |
| Agnitum Outpost | Trojan.DL.Agent | 7.1.1 |
| Avira AntiVirus | TR/Kazy.367484 | 7.11.145.56 |
| avast! | Win32:Malware-gen | 2014.9-140427 |
| AVG | Downloader.Generic13 | 2015.0.3492 |
| Baidu Antivirus | Trojan.Win32.Downloader | 4.0.3.14427 |
| Bitdefender | Gen:Variant.Kazy.367484 | 1.0.20.585 |
| Comodo Security | UnclassifiedMalware | 18165 |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.367484 | 8.14.04.27.05 |
| ESET NOD32 | Win32/TrojanDownloader.Agent.AKK | 8.9720 |
| Fortinet FortiGate | W32/Agent.AKK!tr.dldr | 4/27/2014 |
| F-Secure | Gen:Variant.Kazy.367484 | 11.2014-27-04_1 |
| G Data | Gen:Variant.Kazy.367484 | 14.4.24 |
| IKARUS anti.virus | Win32.SuspectCrc | t3scan.1.6.1.0 |
| K7 AntiVirus | Trojan-Downloader | 13.176.11873 |
| McAfee | Artemis!29A1B1677CBF | 5600.7148 |
| Microsoft Security Essentials | Trojan:Win32/Magentos | 1.10502 |
| MicroWorld eScan | Gen:Variant.Kazy.367484 | 15.0.0.351 |
| Norman | Troj_Generic.TNZES | 11.20140427 |
| Qihoo 360 Security | Win32/Trojan.ddc | 1.0.0.1015 |
| Trend Micro House Call | TROJ_SPNR.11DM14 | 7.2.117 |
| Trend Micro | TROJ_SPNR.11DM14 | 10.465.27 |
| VIPRE Antivirus | Trojan.Win32.Generic | 28592 |

File size: 303.5 KB (310,784 bytes)
Product version: 1.2
File type: Executable application (Win32 EXE)
Language: Turkish (Turkey)
Common path: C:\users\{user}\downloads\chromium_flash.x86_64.exe

File PE Metadata
Compilation timestamp: 4/15/2014 1:56:51 AM
OS version: 5.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 9.0
CTPH (ssdeep): 6144:hLGy63HH/11Q4XsCV6+HHJR+jCiGOJcoTh6YY1:hLG/ff58/+HHJ6CiGOyoT8Y
Entry address: 0xD0C0

Entry point:
8B, FF, 55, 8B, EC, E8, 56, C1, 00, 00, E8, 11, 00, 00, 00, 5D, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 6A, FE, 68, 58, 59, 43, 00, 68, 50, 5E, 41, 00, 64, A1, 00, 00, 00, 00, 50, 83, C4, 94, 53, 56, 57, A1, CC, 72, 43, 00, 31, 45, F8, 33, C5, 50, 8D, 45, F0, 64, A3, 00, 00, 00, 00, 89, 65, E8, C7, 45, 90, 00, 00, 00, 00, C7, 45, FC, 00, 00, 00, 00, 8D, 45, A0, 50, FF, 15, B8, C0, 42, 00, C7, 45, FC, FE, FF, FF, FF, EB, 26, B8, 01, 00, 00, 00, C3, 8B, 65, E8, C7...
 

Code size:
172 KB (176,128 bytes)

The file chromium_flash.x86_64.exe has been seen being distributed by the following URL.
