flashplayer17.exe

SAPO

The executable flashplayer17.exe has been detected as malware by 1 anti-virus scanner.
Publisher:
SAPO  (signed and verified)

Version:
17.0.0.188

MD5:
6d92ea61f2e769caf1364882a42bf114

SHA-1:
0dc6490945fba169e9a1728831d43a503106924b

SHA-256:
ef14edf3a864be9aa7772c3cf8dfd91b9103f4fd74eff5dfd83f0dbaec3bb724

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
5/5/2024 8:21:10 PM UTC

Scan engine:
Reason Heuristics

Detection:
Trojan.Downloader (M)

Engine version:
16.3.9.12

File size:
190.1 KB (194,704 bytes)

Product version:
17.0.0.188

Original file name:
lkproc.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\flashplayer17.exe

Digital Signature
Signed by:

Authority:
SAPO

Valid from:
6/5/2015 2:08:35 PM

Valid to:
6/5/2016 2:08:35 PM

Subject:
E=cmd@sapo.pt, CN=SAPO.PT, OU=SAPO Division of Protocol, O=SAPO, L=Opalo, S=Jobila, C=AS

Issuer:
E=cmd@sapo.pt, CN=SAPO.PT, OU=SAPO Division of Protocol, O=SAPO, L=Opalo, S=Jobila, C=AS

Serial number:
00A7AB2CD21ECC7345

File PE Metadata
Compilation timestamp:
6/17/2015 7:59:05 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:PFDU3MDay9XltD/J/ABk5Kxo6VsbZ3DhxSMuFPNS5+CpT:9I8Day9Xf3J6VsbZ3DhZujS5+CpT

Entry address:
0x589E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
14.5 KB (14,848 bytes)
