» Flash.exe
Overview
Analysis
File Details
Downloads (236)

Flash.exe

flash setup

Digital Vei,OOO

The file Flash.exe by Digital Vei,OOO has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from softnewready.freesearch4u.online and multiple other hosts.

File name:

Flash.exe

Publisher:

Digital Vei,OOO (signed and verified)

Product:

flash setup

Version:

1.0.0.0

MD5:

9a28150f8723cbf0a7e7ae9dedbf5e6e

SHA-1:

c4f07c8c4ce3e7733efff8de82e014488275df50

SHA-256:

3a2f12b209ef7ba7deaf5a5f2dc9f233e17ec17c07f9bc4dd0d5a62916b0e714

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

5/14/2024 3:00:26 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.installCore.DigitalV.Installer (M)

16.4.16.22

File size:

187.6 KB (192,080 bytes)

Product version:

1.0.0.0

Original file name:

Flash.exe

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\temp\d328.tmp

Digital Signature

Signed by:

Digital Vei,OOO

Authority:

COMODO CA Limited

Valid from:

4/23/2015 8:00:00 PM

Valid to:

4/23/2016 7:59:59 PM

Subject:

CN="Digital Vei,OOO", OU=Development 2, O="Digital Vei,OOO", STREET=ul. Bratislavskaya 21 Korp. 1, L=Moscow, S=Moscow, PostalCode=109451, C=RU

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

0081D507B47243FED522FD7B6AA8ED0F56

File PE Metadata

Compilation timestamp:

4/16/2016 1:08:46 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

3072:+BaNOXGoT1zbWtMUeTkHHRAzQ4IbLHhxy/jJdurUh1T/WLwA6FaC:SaNOXGo5bdQUQ7hxyLur+YMFf

Entry address:

0xC47E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.3798

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

41.5 KB (42,496 bytes)

The file Flash.exe has been seen being distributed by the following 50 URLs.

http://softnewready.freesearch4u.online/dl.php?rvcx=3gyYySmOGJCgnf420qkn-OeEVGZVRlkn9f3J8QO71iA.&cid=14322556901460907032&conversion_id=14609070365389&app_id=4&lp_id=1379&v=tribat&stub_id=305&v_id=NFUZlu9Pa6cV9P-8Ab1qwSBZdHj6CU1WCeByK_mOUVA.&lpp=*-*-*

http://nowtestpc.freesearch4u.xyz/dl.php?vjubrnt=CLewqHlWIIChBaR_iGisoxGg9pB7VpPKRIflToz1LAU.&subid=VjJ8NjgyNHwyNjI3NTl8MzYwNTc2fDE0NjA4OTkxNjN8NzQzYWU1YTktOGEzMC00YjNhLWNiNjYtMmFiYTUxZTgwOWUwfDk4LjE5Mi4xMzIuNDZ8fDF8ZmE0M2QyZDdhODkxZWU3NTRmYjUzM2YyNDI0NjIzY2Y=&conversion_id=14608991662541&app_id=4&lp_id=1518&v=tribat&stub_id=305&v_id=Yv12PV42YUAcF3r_kbhfT-NrVNwCIWbf8PeVk-1QfBA.&lpp=w10*-*-*

http://softnewready.applicationtechnica.website/dl.php?ztse=1HOJI1CDkDssym7kB273D6V_MnM1H2ySJgAFJ-UBbMM.&txn_id=f25b94ba-0916-470b-bcfc-c2d882d65da5&sub=429&conversion_id=14613655858851&app_id=4&lp_id=1401&v=tribat&stub_id=305&v_id=yAkBt91q3Muo4IReHL5Bgr8p-I8E3QKff1AmOnZ_Obg.&lpp=*-*-*

http://upgradeget.clickonupdate.site/dl.php?vuctr=V6ggtPSfPBnjgGPLPRg1F8RvkCX3npdk8pUvwP5LaCY.&cid=30440372021461014362&conversion_id=14610144346081&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=Le7kk8-1H58nxHXZH-P_u8ZGaUKMbiRShF19w8_Cqok.&lpp=No match

http://upgradeget.clickonupdate.site/dl.php?vuctr=zo1y2Xi9PFo46XICdALWKY7Iv7iHEX4a2b2o8JXIESo.&cid=13323537831460980379&conversion_id=14609803815729&app_id=4&lp_id=954&v=tribat&stub_id=305&v_id=NOfJ7AIVxAO55Xihlevt224L4vnL2UJZkgHCp4bgIns.&lpp=*-*-*

http://newupdate.newsearch2update.top/dl.php?vfgse=sMBycfqvPa_0a0ERkVjxMC-GoM0nWgBAhHPkmhCmIq0.&cid=19975117931461054433&conversion_id=14610544480227&app_id=4&lp_id=1594&v=tribat&stub_id=305&v_id=Cayg2vbd19GssT9ZlxYrqXEB_e-BpSa1Pu8ZxuIHUMU.&lpp=*-*-*

http://update.soft2download.website/dl.php?dfs=qU3Z7XUlfImHuT1FQ4EPPqG1uIwy8JoStrTO-HH4cqA.&cid=1461339228mb20384958705&conversion_id=14613392284967&app_id=129&lp_id=1590&v=tribat&stub_id=305&v_id=lwvzUJhPTweOfWFQzm5yVZFXXrv34a3H2976K0V-EZU.&lpp=*-*-*

http://update.soft2download.website/dl.php?dfs=2IoEeC7_3Qqcv4ZGCdA_8-hpaDsMjH5dIUOAGEfjnpw.&cid=6345871331461361024&conversion_id=14613610304889&app_id=4&lp_id=954&v=tribat&stub_id=305&v_id=rwyUThP4N7TfJMKr_-fmJMAQ-CZTe-6KCr92b9xDiJQ.&lpp=*-*-*

http://upgrader.clickonupdate.top/dl.php?hbyvr=GGV_Pu71bPhU1fj6-XpWEl_dWmYEEwvaFUfmluMZi4I.&cid=8&sid=[SUB_ID]&conversion_id=14611362141932&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=dMt_0EJuP26hOyXrc7cvYtInvfVcGnp2l_knMM646N0.&lpp=*-*-*

http://upgradepc.clickonupdate.top/dl.php?hgtd=GGV_Pu71bPhU1fj6-XpWEl_dWmYEEwvaFUfmluMZi4I.&cid=8&sid=[SUB_ID]&conversion_id=14612088153089&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=HT7Gqram-mbLHjzJDb2JQKE7LL-dK_C2rCzKgqXYvds.&lpp=*-*-*

http://askupdate.safesystemupdate.website/dl.php?fecw=Fgpsb5_0EEq9XI_O0QViPaSKgkibIftbZv3o0I39ENI.&cid=P23P11R4609529368175223569&sub=4057&conversion_id=14609529374068&app_id=63&lp_id=1551&v=tribat&stub_id=305&v_id=W1mlZBA5jOfZff8UDA9MxOLPauInvNVPY2wgN39KzCE.&lpp=w10*-*-*

http://upgradeget.clickonupdate.site/dl.php?vuctr=zfhHF5uIJPwUCaQYl1z7-xUZ2Mfj7SDh7iR5biCspo8.&cid=13847106211460996936&conversion_id=14609970328245&app_id=4&lp_id=1379&v=tribat&stub_id=305&v_id=DDBZJZs3JE5yEGSV494FY_66njVaMulZdLsMDQJAAZY.&lpp=No match

http://upgradepc.clickonupdate.top/dl.php?hgtd=GGV_Pu71bPhU1fj6-XpWEl_dWmYEEwvaFUfmluMZi4I.&cid=8&sid=[SUB_ID]&conversion_id=14612062818688&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=RB2DyGWNuO0JXdbb6VY6MknWGCX1hSEfaz2iPPOHpB0.&lpp=*-*-*

http://upgradeget.clickonupdate.site/dl.php?frwg=HbI8PZesB2uzf13vvEFBoUX5NGqibPflTStP7fu8ZXU.&cid=P23P9R4608475276836231022&sub=4055&conversion_id=14608475284308&app_id=129&lp_id=1613&v=tribat&stub_id=305&v_id=S-zhNNyBWRwWfDBH9aWdhG8Rfuoe85RYigih_RI-WBg.&lpp=w10*-*-*

http://upgradeget.clickonupdate.site/dl.php?vuctr=0ZK6LYwE9Q89ZaLgS0HdFWuVwpKYydTITyVX2MxrCbo.&cid=13832198701460996733&conversion_id=14609967439615&app_id=4&lp_id=1594&v=tribat&stub_id=305&v_id=ND9-j84ugUC7MDwv4GCKPjKLY0ZDDL0vD51fGbJupJM.&lpp=No match

http://nowinstallupgrade.freesearch4u.xyz/dl.php?dxutc=ZxrV_OANvY1iqwsEsGh20_KbPr73Un2Fcl5u1FJJTzA.&cid=10915&sid=102e42cd8bfbe9ac5f5a7a3d9cf61f&conversion_id=14609415141991&app_id=4&lp_id=1569&v=tribat&stub_id=305&v_id=2uoLyGVpquCp6og0FKeCwvxsmRn5aQIhFYGrucHjmMY.&lpp=*-*-*

http://keyupgrade.applicationtechnica.xyz/dl.php?rjet=FOxpjjPbb5uWJF4egS_a5iOG8oqZgkc60zinEq__lyo.&cid=P23P11R4612074016705351331&sub=3903&conversion_id=14612074033783&app_id=4&lp_id=1175&v=tribat&stub_id=305&v_id=qi3z59WGKkaE0AFTswoGU2B7Bms9n1QDv9YDYfjrA7E.&lpp=*-*-*

http://update.soft2download.website/dl.php?dfs=0ZK6LYwE9Q89ZaLgS0HdFWuVwpKYydTITyVX2MxrCbo.&cid=28852520471461210687&conversion_id=14612106921254&app_id=4&lp_id=1594&v=tribat&stub_id=305&v_id=Y4DDFTJQN0A2KztpxU5QZjhh_22n8HEf27LneJZHyD4.&lpp=*-*-*

http://liveupdate.newsearch2update.tech/dl.php?gtrh=_cyh1oEmbybn7m8Cxmo-s9kM_Ls_aQ_oI5B4Xeo4UXs.&cid=VjJ8NTAxNnwyODM5MDd8NDAxMTkxfDE0NjEzMzQxNzd8YjFhNGNmY2UtZTIxMy00ZTAyLWNlN2MtZGUzOTZlMGY4M2RifDgxLjE2My4yMDEuMTYxfHwzfDAxM2QwM2NjM2EyZWZmMzMwNjA2Y2NhNzIzNWQ4Yzcy&sub=2007&conversion_id=14613341781899&app_id=4&lp_id=1515&v=tribat&stub_id=305&v_id=uP_k1fHjEGWoFaYrYhzGQcZ765gKRUvsQtZovNPfMVM.&lpp=*-*-*

http://upgradeget.clickonupdate.site/dl.php?vuctr=3gyYySmOGJCgnf420qkn-OeEVGZVRlkn9f3J8QO71iA.&cid=7883535471460985734&conversion_id=14609857393934&app_id=4&lp_id=1594&v=tribat&stub_id=305&v_id=-LyLZpYCkqlwJgKeMydE12a4I31GxlxRODnKrHW4qRQ.&lpp=*-*-*

http://upgradepc.clickonupdate.top/dl.php?hgtd=mwK9xqzoV7CJFZFuMzUljhhSqRfSzOS0OjpXu8EpXWQ.&cid=MTA4MHw1MjEyfFVLfDN8MXwxMDBfXzY1MHxjekp6KlRrUlZhazFxVlhoTmFVMTVUWHBuYWs1cVZYZG1SR042VFdwb09GWlZkRGhOTTNkNFpraDRPR1I2V1RGbFdHOTRXVlJDTUdNelduTm1RUX5jM1ZpYVdRKk1UQXd8fA&conversion_id=14613356205880&app_id=4&lp_id=1602&v=tribat&stub_id=305&v_id=J91XpC1ZlcDhGDeEeHdUD88hFTw60VMi9spTNr5s9A0.&lpp=*-*-*

http://upgradeget.clickonupdate.site/dl.php?vuctr=zo1y2Xi9PFo46XICdALWKY7Iv7iHEX4a2b2o8JXIESo.&cid=5316641911460995100&conversion_id=14609951017633&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=2xmRvEoUz67dSg5trAuvoyNTE4cW1GW3lAvEIYZeEnk.&lpp=*-*-*

http://askupdate.safesystemupdate.website/dl.php?fecw=JEZUCP9ythHm1KfOKYRUzQJerVL6zvgzPdolGyU62F0.&cid=170105663874&conversion_id=14610496870629&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=T-bl5I-rNpUAIEqYRamIt7IQoBuVWlUdZQnh8kQLJ7s.&lpp=*-*-*

http://updatelive.soft-video.club/dl.php?terw=-xRMXj34Npoq2oM8sE2gTM8sZWadTg2jeB3lSlHiqko.&subid=VjJ8MjkyMjF8MjUyMTU5fDQwMTE5MXwxNDYxMDExMDE4fGI5ZjQ5N2E1LTk4NTAtNDYwMy1jNjI3LWZhZGQyMDM1MTI2N3wyLjIyMS43Ni4xMTd8fDJ8ZTMwOWFlOTA5ODU1OTMyMDRhNGE5ZWYzNDQwYjkyYjI=&conversion_id=14610110208575&app_id=129&lp_id=1543&v=tribat&stub_id=305&v_id=8vqb-02knvlu7AuBul1BT-wSrngPqOWiTa8Uwttenvs.&lpp=*-*-*

http://finishedupdate.whenupdateswork.xyz/dl.php?ewf=MANbCuk1sPhHlVhpWelL-lHegr7IMAdWR6gHAJbEFPc.cid=30979493351461212202&sub=458341&conversion_id=14612122055353&app_id=4&lp_id=1208&v=tribat&stub_id=305&v_id=_oVOE0C53YjgprRhBF73P3eyzGd4IEUVt3GA1DxArDM.&lpp=*-*-*

http://update.soft2download.website/dl.php?dfs=JEZUCP9ythHm1KfOKYRUzQJerVL6zvgzPdolGyU62F0.&cid=174272846006&conversion_id=14612540580858&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=P0OmhaZc97EgqvCYd71qfA772419rKUT8ec63lnR9x4.&lpp=*-*-*

http://upgradeinstall.clickonupdate.site/dl.php?gters=ixCD18FVNFrzvqXPojRYqImzd7RCg-m6oRQWVazMq3E.&subid=VjJ8MzI0MnwyNjA2NDh8NDAxMTkxfDE0NjA5Nzc5NjZ8MDc1ZTQ3NTAtOTJjOS00MWRjLWMxNGUtYzcwYTIyZTI5ODM2fDE4NS4yNy4xMDUuOTl8fDF8MWUyYmJiOWE3NmI0MDNkMTdlMDlhYzE2ZWQ5MTZiMWM=&conversion_id=14609780044515&app_id=4&lp_id=1526&v=tribat&stub_id=305&v_id=GrL6xj55XL0nnHYTRDa_ENlNsrqKphA1E7iOrvtQSsE.&lpp=*-*-*

http://upgradeget.clickonupdate.site/dl.php?vuctr=Iu5sv4NYl_zlgN93nmUm2GAAg-MzAOgMZUlagyP7ABQ.&cid=MTA1MHw1MjA1fEJSfDN8MXx8Y3pKeipTazFETVRVeE5sODNVVk5SUVRaMVVWOWhMVkJrUWxSQ1dGRm9TRXhSfHw&conversion_id=14610228581362&app_id=4&lp_id=1543&v=tribat&stub_id=305&v_id=328EdVHdJYx7reCCwLlj_wTp-d2lIc26GJM9RatltuQ.&lpp=*-*-*

http://softnewready.freesearch4u.online/dl.php?rvcx=mwK9xqzoV7CJFZFuMzUljhhSqRfSzOS0OjpXu8EpXWQ.&cid=MTA4MHw1MjEyfENBfDN8MXwxNDBfXzg3N3xjekp6KlRrUlZhazFxVlRGUFEwMTVUWHBuYWs5RVl6Tm1SR042VDBSR09GRXdSamhOTTNkNFpraDRhbVZyY0RaTGJGSlhUMGhvVG1Gc2F6QlViWEJLVFRBNVZWWlVVazVOYkd3MlYyMHhUazFGTlhGWGJYQk9aV3RWZDFSdGNFSk9WVEZ4VmxSQ1RtVnNiRGhpYldjMVkycEdjR050Vm10amFtUnhaa0V-YzNWaWFXUSpNVFF3fHw&conversion_id=14609253878408&app_id=4&lp_id=1543&v=tribat&stub_id=305&v_id=aAbNq8gbHla4nFiRowHC9Wr1V_jpPCieQKBIlrozXuU.&lpp=*-*-*

http://upgradeget.clickonupdate.site/dl.php?vuctr=zo1y2Xi9PFo46XICdALWKY7Iv7iHEX4a2b2o8JXIESo.&cid=20015854531461019189&conversion_id=14610191962026&app_id=4&lp_id=1550&v=tribat&stub_id=305&v_id=MVlTErh3yZTyoEuurL8_ZgTV7h1lpbQ7-RHSU8gBMeA.&lpp=*-*-*

Latest 30 of 236 download URLs

Remove Flash.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.