» flashplayer.exe
Overview
Analysis
File Details
Downloads (14)

flashplayer.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from iron.zbane.com and multiple other hosts.

File name:

flashplayer.exe

MD5:

c1beb514fc1fcaa42fe04e3c5bb3637f

SHA-1:

148bc4f332000a5a4f3fb7a89d86aa3c18d04dda

SHA-256:

fb0174e76e8fc9c720baedd767b7be3ba5b881cf0a4b59410418b6bfd606b1b3

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/18/2024 11:14:03 PM UTC (a few moments ago)

File size:

70.5 KB (72,172 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\downloads\flashplayer.exe

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

1536:06A22qpRUV8feqN3Ixbibywd02IR+0K8ksj9SL+04tBdvY605lq:TppS8WqN3I+0bbke9Sv4tTvCa

Entry point:

50, 4B, 03, 04, 14, 03, 00, 00, 08, 00, 5C, A3, 9B, 41, B9, A7, 14, 85, B7, 2D, 00, 00, E4, 8B, 00, 00, 0A, 00, 00, 00, 4C, 49, 43, 45, 4E, 43, 45, 2E, 6D, 64, 84, 59, 5B, 6F, 2B, 35, 10, 7E, AF, D4, FF, 60, E5, 85, 53, 29, 94, DB, 03, E2, 22, 24, 38, 14, 38, 08, 4A, 45, B9, 88, 47, 67, D7, 49, 4C, 77, ED, 60, 7B, 13, C2, AF, E7, 9B, 19, 4F, 9C, 6D, CA, 01, 09, 41, BA, DE, F1, 5C, BE, F9, E6, B2, E6, 85, 7F, BE, BD, FF, D5, 7C, 7B, 77, 7F, F7, F3, 97, 3F, 98, 87, 5F, BF, FA, E1, CD, 6B, 83, 7F, EF, EE, 1F... 
[+]

The file flashplayer.exe has been seen being distributed by the following 14 URLs.

http://iron.zbane.com/MAIN/.../flvplayer.php?cc=BR&url=http://www.zbane.com/MAIN/.../flashplayer.exe&name=flashplayer&m=__sitename__&ymid=-_-NTFjN18xMDRfMjE3MV8yMTk2X0JSXzIwMS40LjcwLjE1Nl9hNmRfMjUzMl9BRFM-_-LqOPtmbfswtzswcggXaynaFibGfa_F8avbac-VF_JEbaBdWgd1prAsYJMAHHMggGn1tgrq9udKAu0qY0qmtZXuMmMMucc1inp0nuGma0aap0Qx5oL9wt4D9H1e6IXJIPde2P6XPQy9bYZoK7NmNzF8knntyTKqiHRzOLaTj1SGBqWN4Q47K250McCIOnhk8G4QOgfGTaHbeKkz9wcKbIGGNlKglKjyHGLlM7HZlJK24kEUpWnicaem2OmsyKXjVT86xLYCIlAThsi0eNZPtdmT5a5hR4cvN8_HsByBrSWpcJvk5moJPbJguyozfQhC6d6etAfTpyPuiABjMawbHSbnlIZq5EQZEiw67lisVVAzfZ0mZiKLiNWuhMrHQgAeoX2v3rzp4E5UPiOWbsbdJyam&

http://iron.zbane.com/MAIN/.../flvplayer.php?cc=BR&url=http://www.zbane.com/MAIN/.../flashplayer.exe&name=flashplayer&m=__sitename__&ymid=-_-ZmU2YV8xMDRfMTY5N18xNzE4X0JSXzE3Ny4xODkuMTk4Ljg0XzcwNF80MjQwX0FEUw-_-LqOPtmbfswtzDwgbGnaynaFGbGfa_F8avbac-VF_J-baAdHAAQatMMhjpQAsObAaQhbndfMAg1_KMuWeet1WjgaGIszemnEQ5POrEyKP1JMmnJZew02m1VztJFUgfd53O7LnyAWWWXs86X7ufHVt0KJctVP2x7LifbvuerQ7kZgGu1CdBOgUTVT5JFXsX6UkOeIaWSTnGO8xuzblLKW1TftgaI4rHmtuqk6qkW3hcLxK8EflnFf5vsmTvInzG6XjmvuoPMxXTNZXS353Bn5MTYtpjS0eaJHSASh8-8ftIPz27l47oytjK-g_CmmZU0e5KmNWPMlC649bzbkzkzCq2gsh8zUtKoRrcQxYPAgr8XBBAFwn0KLjR56Gv3xE1wvPwwXh2GJ9Xkhudb1uWD_ieSFFHP8d-RUlkskCHeiOSXad&

http://iron.zbane.com/MAIN/.../flvplayer.php?cc=BR&url=http://www.zbane.com/MAIN/.../flashplayer.exe&name=flashplayer&m=__sitename__&ymid=-_-ZTM0Y18xMDRfMTY5N18xNzE4X0JSXzE4OS4yNC43MC4xMDdfNzk1XzQyNDBfQURT-_-LqOPtmbfswtzEwGtASaunaFEbGfa_F8avbac-VF_J-baAdbBeQpXNsPPAQKEEYgObGH6J6a1n1GgunQ31JqddaaqgaAIBspjAsanEAqJtJOjqml52sA2cSiJbN4IXSsGt7ggSufVU0-Kt43uE5tK6BXCAxIycEWmGz0IunGhQdazgvDaMTYCwjT9IrKsToWx5jgkDP9mmTMbWXQOGUgvlgqJEsWlqwkF4euQoYloJOIKyLi0BhAyyTqyxbuMd-ku881xq3cveXwU0S7gfmmigPRbekaJXJuWfDsA3HsJDEDy3lYlsPx1kd0ArXUv0fr89f-49Glkek0aSmOqNZAOqHMFfQ6z68N1Ugenjt_rXUSGrfKNwAf1i9FmtaBg6cwRbWbmsGDTkhBcb52nQw6V8hCxuKu4dj4KglaL&

http://iron.zbane.com/MAIN/.../flvplayer.php?cc=BR&url=http://www.zbane.com/MAIN/.../flashplayer.exe&name=flashplayer&m=__sitename__&ymid=-_-OTEwMF8xMDRfMTY5N18xNzE4X0JSXzIwMS4xMS4xNzIuMjQ5XzM0Nl80MjQwX0FEUw-_-LqOPtmbfswtzzw7kIbaGnaFGbGfaFF8avbac-VF_J-baAdqBt1XeXttm9ucnidAaQhupudjdBQ0u1JtdnqObaaqdmsPM0KaApXdsAcedvwtRnUjHoogKCRgN8fivQTgQhFHtU4N0b3SKs-eRE2QM2piNaOmJygTisdOZkaiZWceW5cwZ9uU4vOoiLql1ddBcH2Kx0lV2JR0wojWP4io4RIllKeduOnfsM0ReXielq6L2Ke0ihAmpfazECBQh5v14wwsWvhTvWyf1yw4jEYs4PoOvCdeCUoZcwcs7HILG8M5fgrAjPmJ7dfVUpHBa3h6ducJOgvyiwfpf1uw5ofRhemtKHAbbJTvjYZ3lGnkMsdfKOTsmWMfJ0qhzC0W4G1aGRL34HayFxitoFNFKDXrYHtKqkjb7GIa&

http://iron.zbane.com/MAIN/.../flvplayer.php?cc=BR&url=http://www.zbane.com/MAIN/.../flashplayer.exe&name=flashplayer&m=__sitename__&ymid=-_-ZGM0Ml8xMDRfMjE3MV8yMTk2X0JSXzE4OS45Ni4xMzUuMTQwXzU2NV80MjQwX0FEUw-_-LqOPtmbfswtztwtUEiaGnaFIbGfa_F8avbac-VF_J-baydd1pvtkeyzYrtaIHg0OAAOEGgOriMKMhAdQFeJQOjup0ak1nAcmMyzegOYKtdhcgA3QUVvSItcTj4oUsXlTmXxohtCMoFaozNFNmozM3-rl0HfrcOqsesCt6Qa10caOGSQD7fQrdV9cAZ9ycWDhk4XlnT-QyKExpqbl2cXs1Ohksn3nWe7htvmJyPwPtAjHGgJw4SmBa8xaYi82L8KltF4W3xVPQ42T1y4hMcznjU3p4Q9d5hDQcUf1BFJ9ySEvY109csyEX1e3ujrv8JfSiS6dLccj6Q0WPlIo1zTrGomvcNtscbgc4JPuy21qqSmSPXQjSBLXjsIqJj2UMRrIKbagULnviOG83r36_V_i7IIKcNiHChqMa9a&

http://iron.zbane.com/MAIN/.../flvplayer.php?cc=US&url=http://www.zbane.com/MAIN/.../flashplayer.exe&name=flashplayer&m=__sitename__&ymid=-_-OWM3YV8xMDRfMTcwNl8xNzI3X0NBXzY2LjEzMS4yMDMuMTUwXzdlMV8xNTAwNDZfQVBQ-_-nym1CPyi4pbYuPrsMRACGJOntL7cjPDsKCIONjYuMTMxLjIwMy4xNTAoATDHrPqXBQ..&

http://iron.zbane.com/MAIN/.../flvplayer.php?cc=EG&url=http://www.zbane.com/MAIN/.../flashplayer.exe&name=flashplayer&m=__sitename__&ymid=-_-ZjhmNV8xMDRfMTgzOV8xODYxX0VHXzQxLjIzMy43My4yMF9iZmRfMjEwMDgyX0FQUA-_-ams1CJaV8MqWuJPMfBACGIrqqMbPwoyZaCIMNDEuMjMzLjczLjIwKAEw6MzklwU.&

http://iron.zbane.com/MAIN/.../flvplayer.php?cc=BR&url=http://www.zbane.com/MAIN/.../flashplayer.exe&name=flashplayer&m=__sitename__&ymid=-_-YjA1Zl8xMDRfMTY5N18xNzE4X0JSXzE3OS44Ny4yNDcuOV83M2VfNDI0MF9BRFM-_-LqOPtmbfswtzCwCn7OaenaFCbGfa_F8avbac-VF_J-baAdWAc1mnunt9M0MY1tqdpapuAuic0tIr9tMqbtegP2jGmOqjmHKMp18uYOpzPrnPzQbnA61rlzT2x1LR5oKHUYIWnQJPFdNX8WNqUtLk8fwJfkC6pX6zWjvevrtewrx5CGqLvmFdxWyVg7A9CsDUet497T0Xdqkh9bMZamVLsghj4iaIvTGctYajfA8nGT_wMauMKOkFgeHHrgAjbuIoDPK1o59I-RwoydUyKD69nUCNzsoNtrCli67rwDZxDWAwNV6s55RQP5m92ZmYo7MkmK-9MIKai-G-w-Ivq4bbzMtcEoKGdj12rbw1w2ghtTQst2NHHwww6M6tDTzPqvkKKc32ToQzubHhwlp6kSS3Od7Txex9Uii5WPsOgguUIDa&

http://iron.zbane.com/MAIN/.../flvplayer.php?cc=EG&url=http://www.zbane.com/MAIN/.../flashplayer.exe&name=flashplayer&m=__sitename__&ymid=-_-Y2U0Zl8xMDRfMTc1OV8xNzgwX0VHXzQxLjM3LjIwNS43NF81OTZfMjMxNjkyX0FQUA-_-fra1CIe69oXmq9mAcRACGKzCmuqej_jmAyIMNDEuMzcuMjA1Ljc0KAEws7eulwU.&

http://iron.zbane.com/MAIN/.../flvplayer.php?cc=DE&url=http://www.zbane.com/MAIN/.../flashplayer.exe&name=flashplayer&m=__sitename__&ymid=-_-MmFlOF8xMDRfMTY5OV8xNzIwX0RFXzg0LjEzNS4yNDQuMzJfZDU3XzQ0NzhfQURT-_-LqOPtmbfswtzswLrDAaCnaFsbGfa_FUaubac-VF_JEbaAdWYt1MAcMkguBe9aAn0mnAMIGMM0MitaagaaGLa1ttnvt1pup0tda0qq9aabRu6f_w3dQeTAVisJNOd4HhMFApdpVBMzeJOQHqGQztVZbaSI2ss4qIpAPcob1LrF7lT7TguhTQYcjK1OHvlaPt6iaKhbqkJjwKYiym8cktG9Tv0Goc-4IZfJONeL3kvvUgFZaa0Q7kJxUdAobN65k6-nJ0ZGqJJjQaMluOuBYGufjuozpvZ2fqmBVK5WY87SzKNASQTjn8eV7OR6IZUIyjLXBeEKvGQrbn3IihcMhT4sH_YHBloayNV__PmR5z56ubQXcB913i-tVnonqAM9mMigxWoVy_J7IIKcNiHJe0k46a&

http://iron.zbane.com/MAIN/.../flvplayer.php?cc=BR&url=http://www.zbane.com/MAIN/.../flashplayer.exe&name=flashplayer&m=__sitename__&ymid=-_-MWZkOV8xMDRfMTY5N18xNzE4X0JSXzE4Ny4zLjAuNDZfNDc3XzQyNDBfQURT-_-LqOPtmbfswtzBwHykha8naFubGfa_F8avbac-VF_J-baAdq2b1mQttMizqKbJmqnP2gO0OjAN6AQPjIPaAaaqdnnef00OEa00drYM6GMqdtC8v211BW2yP8OPTkCv1g0lmx475yiz6KaJTiTnAU9jzQ5krHWjijck9p2daGYsegbxds1kLmgIuUCZzrHTasrXCrtyDGtKGXJiri3weKjza9HBY0MCVM6tycJvvf0OOcXMNaqXLErMR4s39w2wXfpTMMMcl8QMgzeHL7IQevajd6bKBeUJ_QwHO7o2aeAJereWOnohzv37-HXMv0hXnHXznfyucBevjPekg3Plc5yqinAzew1C6K_cMRqeg1ZRTsfyWaCZGx5KvauG1bEAnn6A4OxrhUD_El9f_j3ofcfTqeIRCW&

http://iron.zbane.com/MAIN/.../flvplayer.php?cc=BR&url=http://www.zbane.com/MAIN/.../flashplayer.exe&name=flashplayer&m=__sitename__&ymid=-_-NWIzMF8xMDRfMTc4MV8xODAzX0JSXzE4OS4xNS41NC4xNV83ZWFfNjE5OV9BRFM-_-LqOPtmbfswtzrw661TammaFMbGfa_F8avbak-VF_JEaaA7W2j1P61Jugr_0e1dqd00upOEPEgOOPd0trp1nuan0aaac0tuirP20Kg0HMnOJgaqfevYjqS-UX6yQM9WBP4jM5qH5WX4A60ivqUs1v-alt7L-sdGGyOQOOFI1vXA4afQRRXkvOlSYzLT0sgDiaXi7RxJge4eUQqm3dclscK4csgQGhpHypNYIGHDK008gXctb41lNs1NEL6LFNtBYDzDzWMRmEFAsLdQjbAL36aMyCnfjYZa2gk3VDxDPHrEbldh3iswb1y7Y7VVuH0orIagH-w00gwnKIuBiZVJWKyQbRRKqluJaFOMQCfVyqziJMkuC5AK0p4p5UPiOWasD96waM&

http://iron.zbane.com/MAIN/.../flvplayer.php?cc=US&url=http://www.zbane.com/MAIN/.../flashplayer.exe&name=flashplayer&m=__sitename__&ymid=-_-ZTgyNV8xMDRfMTcyMF8xNzQxX0dCXzg3LjIzNi4yMTIuMjA5XzE2MV8xMzQ3MTBfQVBQ-_-ams1CJet4Njkr_CtGxACGICElKuR3PCuRiIOODcuMjM2LjIxMi4yMDkoATDWj5WYBQ..&

https://sosyaldealer.googlecode.com/.../FlashPlayer.exe

Scan flashplayer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.