home

flashplayer_16_sa.exe

Shockwave Flash

Adobe Systems Incorporated

This is a setup program which is used to install the application. The file has been seen being downloaded from moodle.epfl.ch and multiple other hosts.
Publisher:
Adobe Systems, Inc.  (signed by Adobe Systems Incorporated)

Product:
Shockwave Flash

Description:
Adobe Flash Player 16.0 r0

Version:
16,0,0,305

MD5:
718225f23b59961373bb51746fcde61d

SHA-1:
038f376b3687b550c5e726ad4cd9db2e0a241f72

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 7:01:22 PM UTC  (today)

File size:
10.7 MB (11,233,456 bytes)

Product version:
16,0,0,305

Copyright:
Adobe® Flash® Player. Copyright © 1996-2015 Adobe Systems Incorporated. All Rights Reserved. Adobe and Flash are either trademarks or registered trade

Trademarks:
Adobe Flash Player

Original file name:
SAFlashPlayer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\documents and settings\administrator\pulpit\smieci\flashplayer_16_sa.exe

Digital Signature
Signed by:
Adobe Systems Incorporated

Authority:
Symantec Corporation

Valid from:
1/14/2014 1:00:00 AM

Valid to:
1/8/2016 12:59:59 AM

Subject:
CN=Adobe Systems Incorporated, OU=Flash Player, O=Adobe Systems Incorporated, L=San Jose, S=California, C=US, SERIALNUMBER=2748129, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
50ED674255614BF4ED3ED423CC93CA7D

File PE Metadata
Compilation timestamp:
2/2/2015 10:55:43 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:VcVzkMvC4/vHQCJo6t9KeFqJ6PG7jMFQqiBST+D/xcOCWRnd7yhHaiVdHyJ88Hjn:VcVzxvYC+6tMe9GUFQqiBI+D/qkjL

Entry address:
0x73FA7B

Entry point:
E8, A2, AD, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 44, 24, 08, 8B, 4C, 24, 10, 0B, C8, 8B, 4C, 24, 0C, 75, 09, 8B, 44, 24, 04, F7, E1, C2, 10, 00, 53, F7, E1, 8B, D8, 8B, 44, 24, 08, F7, 64, 24, 14, 03, D8, 8B, 44, 24, 08, F7, E1, 03, D3, 5B, C2, 10, 00, B8, 70, B3, B4, 00, A3, 54, 52, E1, 00, C7, 05, 58, 52, E1, 00, 57, AA, B4, 00, C7, 05, 5C, 52, E1, 00, 0B, AA, B4, 00, C7, 05, 60, 52, E1, 00, 44, AA, B4, 00, C7, 05, 64, 52, E1, 00, AD, A9, B4, 00, A3, 68, 52, E1, 00...
 
[+]

Code size:
7.8 MB (8,229,888 bytes)

The file flashplayer_16_sa.exe has been seen being distributed by the following 4 URLs.

http://moodle.epfl.ch/pluginfile.php/1522472/mod_folder/content/0/.../flashplayer_16_sa.exe

http://download1277.mediafire.com/qos5qnlyzgpg/.../flashplayer_16_sa.exe

http://download.macromedia.com/pub/flashplayer/updaters/.../flashplayer_16_sa.exe

http://fpdownload.macromedia.com/pub/flashplayer/updaters/.../flashplayer_16_sa.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.