» codec.exe
Overview
Analysis
File Details
Downloads (1)

codec.exe

Flawless Codec

Flawless Technology

The application codec.exe by Flawless Technology has been detected as a potentially unwanted program by 14 anti-malware scanners. The file has been seen being downloaded from 162.243.23.35.

File name:

codec.exe

Publisher:

Flawless Technology (signed and verified)

Product:

Flawless Codec

Version:

1.0.0

MD5:

0c29875e4a55a7ac7cf2459e8f298fa0

SHA-1:

33aa235ebac399325b50557dc8c630f3e1e2c5b1

SHA-256:

a79a4d3c2f4c35c07455d81f9a34463c417dbc75771d569c053df69fd9f1a4f5

Scanner detections:

14 / 68

Status:

Potentially unwanted

Analysis date:

4/23/2024 8:53:13 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.1626112

1032

Bitdefender

Trojan.GenericKD.1626112

1.0.20.490

Dr.Web

Adware.Downware.2357

9.0.1.098

Emsisoft Anti-Malware

Trojan.GenericKD.1626112

8.14.04.08.12

F-Secure

Trojan.GenericKD.1626112

11.2014-08-04_3

G Data

Trojan.GenericKD.1626112

14.4.24

IKARUS anti.virus

Trojan.SuspectCRC

t3scan.1.6.1.0

K7 AntiVirus

Riskware

13.176.11684

McAfee

Artemis!0C29875E4A55

5600.7166

MicroWorld eScan

Trojan.GenericKD.1626112

15.0.0.294

NANO AntiVirus

Riskware.Win32.Downware.cvzqjs

0.28.0.59048

nProtect

Trojan.GenericKD.1626112

14.04.08.01

Reason Heuristics

PUP.FlawlessTechnology.F

14.7.27.14

Trend Micro House Call

TROJ_GEN.F47V0331

7.2.98

File size:

2.3 MB (2,444,240 bytes)

Product version:

1.0.0

Original file name:

Flawless Codec v2 DealPly.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\codec.exe

Digital Signature

Signed by:

Flawless Technology

Authority:

Flawless Technology

Valid from:

1/28/2014 5:00:00 AM

Valid to:

1/28/2015 5:00:00 AM

Subject:

CN=Flawless Technology

Issuer:

CN=Flawless Technology

Serial number:

846C60F5207341B44437AAE3B866DE77

File PE Metadata

Compilation timestamp:

12/10/2013 10:33:54 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

49152:d5HAnvf56hquhnte8knRdsJUkzrQjU0OQAVJgcCE5Q6f4RiIERYfvHZp1JumB:d5g35mquhn4sWAVJrC6Q6zYfvZpymB

Entry address:

0xB83CA

Entry point:

E8, D9, C9, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 8D, 45, 14, 50, 6A, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 7F, FB, FF, FF, 83, C4, 14, 5D, C3, E8, 26, 0C, 00, 00, 8B, 48, 6C, 3B, 0D, B8, A0, 52, 00, 74, 10, 8B, 0D, D0, 9F, 52, 00, 85, 48, 70, 75, 05, E8, 12, 17, 00, 00, A1, B8, 93, 52, 00, C3, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 44, 24, 0C, 53, 85, C0, 74, 52, 8B, 54, 24, 08, 33, DB, 8A, 5C, 24, 0C, F7, C2, 03, 00, 00, 00, 74, 16, 8A, 0A, 83, C2, 01, 32, CB, 74, 72, 83, E8, 01, 74, 32, F7... 
[+]

Entropy:

6.4937

Code size:

946.5 KB (969,216 bytes)

The file codec.exe has been seen being distributed by the following URL.

http://162.243.23.35/.../Codec.exe

Remove codec.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.