» flashplayerpro-setup.exe
Overview
Analysis
File Details

flashplayerpro-setup.exe

Recode

The application flashplayerpro-setup.exe by Recode has been detected as adware by 19 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer.

File name:

Publisher:

Recode (signed and verified)

MD5:

1d1ca8626b4444e0b75dbeb198aee0b8

SHA-1:

27aed38f0532ba0245a62ee9c6be6d5ae34c139b

SHA-256:

13d215bfc074fc277a4dbc8e739d3a39ac30cdbd04f8483d172bec239eea3b72

Scanner detections:

19 / 68

Status:

Adware

Analysis date:

4/27/2024 3:36:18 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Agent.OCK

582

Avira AntiVirus

APPL/Dldr.Admin.iona

3.6.1.96

avast!

DownloadAdmin-A [Adw]

2014.9-150328

AVG

Generic

2016.0.3156

Comodo Security

Application.Win32.DownloadAdmin.ANGL

21573

Dr.Web

Adware.Downware.2220

9.0.1.087

Emsisoft Anti-Malware

Adware.Agent.OCK

8.15.07.03.07

ESET NOD32

Win32/DownloadAdmin.G potentially unwanted application

9.7.0.302.0

herdProtect (fuzzy)

variant of javaupdater-setup.exe (Adware)

2015.7.3.7

K7 AntiVirus

Unwanted-Program

13.202.15414

Malwarebytes

PUP.Optional.FlashPro

v2015.03.28.06

MicroWorld eScan

Adware.Agent.OCK

16.0.0.552

NANO AntiVirus

Riskware.Nsis.Downware.dlgjls

0.30.8.659

Norman

Adware.Agent.OCK

11.20150703

nProtect

Adware.Agent.OCK

14.12.05.01

Reason Heuristics

PUP.Installer.Recode

15.3.28.18

Sophos

Download Admin

4.98

VIPRE Antivirus

Threat.4150696

35418

Zillya! Antivirus

Backdoor.PePatch.Win32.37877

2.0.0.1999

File size:

789.1 KB (808,080 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\flashplayerpro-setup.exe

Digital Signature

Signed by:

Recode

Authority:

VeriSign, Inc.

Valid from:

2/13/2014 1:00:00 AM

Valid to:

2/13/2017 12:59:59 AM

Subject:

CN=Recode, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Recode, L=SAN FRANCISCO, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

7A8465407089FE62D3D2ABC37BC0C4B1

File PE Metadata

Compilation timestamp:

6/22/2012 8:07:51 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:GxpJ/xOJ5iQ/817fkZZ3Yzboo9RM6RS3r8Qksh0+vhd00hx+9BWEXS3BNmm:yppxs5iQ/817L0o9q6RSg0d0YJEi3BN9

Entry address:

0x333B

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, B0, 73, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, C0, 70, 40, 00, 53, FF, 15, 88, 72, 40, 00, 6A, 08, A3, B8, 3C, 42, 00, E8, 2C, 25, 00, 00, 53, 68, 60, 01, 00, 00, A3, C0, 3B, 42, 00, 8D, 44, 24, 38, 50, 53, 68, 43, 74, 40, 00, FF, 15, 64, 71, 40, 00, 68, 38, 74, 40, 00, 68, C0, 33, 42, 00, E8, 1D, 24, 00, 00, FF, 15, BC, 70, 40, 00, 50, BF, 00, 90, 42, 00, 57, E8, 0B, 24, 00, 00... 
[+]

Packer / compiler:

Nullsoft install system v2.x

Code size:

23 KB (23,552 bytes)

Remove flashplayerpro-setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.