home

flash_player_14_plugin.exe

Plugin Update SL

This is the Softpulse installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application flash_player_14_plugin.exe by Plugin Update SL has been detected as adware by 18 anti-malware scanners. The program is a setup application that uses the Softpulse SoftwareBundler installer.
Publisher:
Plugin Update SL  (signed and verified)

MD5:
bc7009ed31cb47853995980b1523801f

SHA-1:
de392a45b77e69f60c991c6baef021ccad4c850f

SHA-256:
4c56303dd544ab6c8dc6c7dfd67c5a700e125eee995f0b8698bb25a9c9a50988

Scanner detections:
18 / 68

Status:
Adware

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
4/24/2024 11:42:19 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.Agent
7.1.1

AhnLab V3 Security
PUP/Win32.DomaIQ
2014.08.26

Avira AntiVirus
TR/Dropper.Gen
7.11.30.172

avast!
Win32:SoftPulse-X [PUP]
140813-1

AVG
Win.Threat.High
2014.0.4007

Dr.Web
Trojan.DownLoader11.24441
9.0.1.05190

ESET NOD32
Win32/SoftPulse.J potentially unwanted application
7.0.302.0

IKARUS anti.virus
PUA.SoftPulse
t3scan.1.7.5.0

K7 AntiVirus
Unwanted-Program
13.183.13160

Malwarebytes
PUP.Optional.DomaIQ.Gen
v2014.08.26.03

McAfee
Socrydo
5600.7027

NANO AntiVirus
Trojan.Win32.DownLoader11.ddvhzo
0.28.2.61861

Panda Antivirus
Trj/Genetic.gen
14.08.26.03

Qihoo 360 Security
Malware.QVM10.Gen
1.0.0.1015

Reason Heuristics
PUP.PluginUpdateSL.W
14.8.26.3

Sophos
SoftPulse
4.98

VIPRE Antivirus
Threat.4150696
32210

Zillya! Antivirus
Adware.Agent.Win32.11263
2.0.0.1901

File size:
1.3 MB (1,373,904 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Softpulse SoftwareBundler

Common path:
C:\users\{user}\downloads\flash_player_14_plugin.exe

Digital Signature
Signed by:
Plugin Update SL

Authority:
VeriSign, Inc.

Valid from:
6/11/2014 9:00:00 PM

Valid to:
6/12/2015 8:59:59 PM

Subject:
CN=Plugin Update SL, O=Plugin Update SL, L=Guia De Isora, S=Tenerife, C=ES

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
01438AF7C5B708CB0E497C84D028BF72

File PE Metadata
Compilation timestamp:
8/14/2014 5:04:45 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:NS6Cqp3hVbl9HxvLhgAFlMlCcmpElsnevdxK1NpM:cqp3LDxdg4lMASl9dxKn6

Entry address:
0x3DF6

Entry point:
E8, 09, 27, 00, 00, E9, 7F, FE, FF, FF, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, F4, 95, 41, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, A8, 80, 41, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, F4, 95, 41, 00, 00, 0F, 83, A7, 01, 00, 00, F7, C7, 03, 00, 00, 00, 0F, 85, B8, 01, 00, 00, F7, C6, 03, 00, 00, 00...
 
[+]

Code size:
61.5 KB (62,976 bytes)

Remove flash_player_14_plugin.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.