home

flash_player.exe

Flash Player 11

ARES BILGI TEKN.OFISSIST.YAZIL.REKL.INS.SAN.VE TIC.LTD.STI.

The application flash_player.exe, “Adobe Flash Player” by ARES BILGI TEKN.OFISSIST.YAZIL.REKL.INS.SAN.VE TIC.LTD.STI has been detected as a potentially unwanted program by 27 anti-malware scanners.
Publisher:
Adobe  (signed by ARES BILGI TEKN.OFISSIST.YAZIL.REKL.INS.SAN.VE TIC.LTD.STI.)

Product:
Flash Player 11

Description:
Adobe Flash Player

Version:
3.02

MD5:
7a98bcb1f8b22f31e4373b2886091048

SHA-1:
8b2a1021123ad50ecdd7405e678610b6145c308d

SHA-256:
1a1f2b6dab2936995adb669f71d7b06690d8c41f97f2aef281e8d01e893d0083

Scanner detections:
27 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 10:14:14 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.FKM
7.1.1

AhnLab V3 Security
Trojan/Win32.VBKrypt
2013.10.08

Avira AntiVirus
TR/Crypt.FKM.Gen
7.11.106.64

avast!
Win32:StartPage-APJ
2014.9-140622

AVG
Generic32
2015.0.3436

Bitdefender
Trojan.GenericKDV.1261380
1.0.20.865

Bkav FE
W32.Clodd14.Trojan
1.3.0.4246

Comodo Security
UnclassifiedMalware
17071

Dr.Web
Adware.Downware.1084
9.0.1.0173

Emsisoft Anti-Malware
Trojan.GenericKDV.1261380
8.14.06.22.02

ESET NOD32
Win32/Downloader.VB (variant)
8.8888

Fortinet FortiGate
W32/Downloader_VB.C
6/22/2014

F-Secure
Trojan.GenericKDV.1261380
11.2014-22-06_1

G Data
Trojan.GenericKDV.1261380
14.6.22

IKARUS anti.virus
Win32.SuspectCrc
t3scan.2.0.127

K7 AntiVirus
Riskware
13.173.9807

Kaspersky
Trojan.Win32.VBKrypt
14.0.0.3674

McAfee
Artemis!7A98BCB1F8B2
5600.7092

Microsoft Security Essentials
Trojan:Win32/Preflayer.A
1.163.1557.0

MicroWorld eScan
Trojan.GenericKDV.1261380
15.0.0.519

Panda Antivirus
Generic Malware
14.06.22.02

Quick Heal
Trojan.Preflayer
6.14.12.00

Sophos
Mal/Generic-S
4.93

Trend Micro House Call
TROJ_GEN.R047H01ID13
7.2.173

Trend Micro
TROJ_GEN.R0CBOC0FE13
10.465.22

Vba32 AntiVirus
TScope.Trojan.VB
3.12.24.3

VIPRE Antivirus
Trojan.Win32.Generic
22190

File size:
524.6 KB (537,216 bytes)

Product version:
3.02

Copyright:
2013 Ad

Trademarks:
2013 Ad

Original file name:
flash.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\flash_player.exe

Digital Signature
Signed by:
ARES BILGI TEKN.OFISSIST.YAZIL.REKL.INS.SAN.VE TIC.LTD.STI.

Authority:
Thawte, Inc.

Valid from:
2/11/2013 2:00:00 AM

Valid to:
2/12/2014 1:59:59 AM

Subject:
CN=ARES BILGI TEKN.OFISSIST.YAZIL.REKL.INS.SAN.VE TIC.LTD.STI., O=ARES BILGI TEKN.OFISSIST.YAZIL.REKL.INS.SAN.VE TIC.LTD.STI., L=Bursa, S=Bursa, C=TR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
2265C416F34DF155C7269A9231F6EB91

File PE Metadata
Compilation timestamp:
3/26/2013 1:23:53 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:2fnSk4LqYrsYNKn8SedShe4QTngkNK/z0TbZe0ImBgO4H:inBYrsYNSejNKAP5ImBgO4H

Entry address:
0x19A0

Entry point:
68, 90, 58, 47, 00, E8, EE, FF, FF, FF, 00, 00, 58, 00, 00, 00, 30, 00, 00, 00, 50, 00, 00, 00, 40, 00, 00, 00, D4, 9B, FD, A9, 7D, 0C, B6, 4A, A2, 8E, 5B, 60, 2C, 36, 19, DB, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 2D, 43, 30, 30, 30, 2D, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, 30, 34, 36, 7D, 23, 32, 2E, 46, 6C, 61, 73, 68, 20, 50, 6C, 61, 79, 65, 72, 20, 31, 31, 00, 00, 73, 74, 65, 6D, 33, 32, 5C, C8, 00, 00, 00, A0, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 04, 00, 00, 00, 95, 37, E1, 8D, BB, 89, 4B, 40...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
504 KB (516,096 bytes)

Remove flash_player.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.