flashplayer_17.exe

Yopitul Mnai

NSA

This is a setup program which is used to install the application. The file has been seen being downloaded from docs.google.com.

Publisher:
nasau limur  (signed by NSA)

Product:
Yopitul Mnai

Description:
Sproc La

Version:
17.0.0.188

MD5:
8d4ef29bbabdcbf37d5b0f8cea82bff3

SHA-1:
affffcae2fb431c67c553f011d191c7b1ae22245

SHA-256:
6e41212f9b41385471781aca78f613aa911f593b90c06c97be36c8d62e87d454

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 5:07:22 AM UTC  (today)

File size:
113.8 KB (116,520 bytes)

Product version:
17.0.0.188

Copyright:
All rights to 2015 @ Fixl

Original file name:
Mynewl.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\flashplayer_17.exe

Digital Signature

Signed by:

Authority:
NSA

Valid from:
4/23/2015 1:14:15 PM

Valid to:
4/22/2016 1:14:15 PM

Subject:
E=cmd@nsa.gov, CN=NSA.GOV, OU=USA Intelligence, L=Adidul, O=NSA, S=Kurtkhla, C=af

Issuer:
E=cmd@nsa.gov, CN=NSA.GOV, OU=USA Intelligence, L=Adidul, O=NSA, S=Kurtkhla, C=af

Serial number:
00

File PE Metadata

Compilation timestamp:
5/26/2015 5:30:14 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:heNoWo8tKm4FeLRnRD5dmfd/Pmcccccccce555W5555i5555O5555F5a5mAKB7UQ:sOW7tKodCd/+A4l89H3oyzYcHeImPoM

Entry address:
0x427E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
9 KB (9,216 bytes)

The file flashplayer_17.exe has been seen being distributed by the following URL.
