» flashplayerv28.3.2.exe
Overview
Analysis
File Details
Downloads (14)

flashplayerv28.3.2.exe

ares installer

Adode Inc.

The application flashplayerv28.3.2.exe, “Deploy ares browsers extension” by Adode has been detected as a potentially unwanted program by 32 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The file has been seen being downloaded from youtubevv.googlecode.com and multiple other hosts.

File name:

Publisher:

Adode Inc. (signed and verified)

Product:

ares installer

Description:

Deploy ares browsers extension

Version:

MD5:

1b970737ed3392a0b4d0cc2f7d2a5ce7

SHA-1:

d08d192e52a366110f784c4d5ffa2067ec3f0299

SHA-256:

9bbe788b6cdfbdfe64ffa25745a240b58ca1306735846b23dd63d52b0e75c8d0

Scanner detections:

32 / 68

Status:

Potentially unwanted

Analysis date:

4/19/2024 5:02:42 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.1571215

1040

Agnitum Outpost

Trojan.Facebook

7.1.1

AhnLab V3 Security

Trojan/Win32.Agent

14.04.01

Avira AntiVirus

TR/Spy.1105656

7.11.138.184

avast!

JS:Redirector-BHW [Trj]

2014.9-140401

AVG

Generic35

2015.0.3518

Baidu Antivirus

Trojan.JS.Chromex

4.0.3.1441

Bitdefender

Trojan.GenericKD.1571215

1.0.20.455

Comodo Security

UnclassifiedMalware

17986

Dr.Web

Trojan.Facebook.313

9.0.1.091

Emsisoft Anti-Malware

Trojan.JS.Agent

8.14.04.01.01

ESET NOD32

JS/Chromex.Agent

8.9586

Fortinet FortiGate

JS/Chromex_Agent.H!tr

4/1/2014

F-Secure

Trojan:JS/Kilim.K

11.2014-01-04_3

G Data

Trojan.GenericKD.1571215

14.4.24

IKARUS anti.virus

Trojan.FBook

t3scan.2.2.29

K7 AntiVirus

Trojan

13.176.11540

Kaspersky

Trojan.JS.FBook

14.0.0.4085

Malwarebytes

PUP.Optional.Ares.A

v2014.04.01.01

McAfee

Artemis!1B970737ED33

5600.7174

MicroWorld eScan

Trojan.GenericKD.1571215

15.0.0.273

Norman

Suspicious_Gen4.FUSRD

11.20140401

nProtect

Trojan.GenericKD.1571215

14.03.24.01

Panda Antivirus

Trj/dtcontx.L

14.04.01.01

Qihoo 360 Security

Win32/Trojan.Multi.daf

1.0.0.1015

Sophos

Mal/Generic-S

4.98

Total Defense

Win32/Tnega.dBGDOUC

37.0.10837

Trend Micro House Call

TROJ_AGENT.TYTWC

7.2.91

Trend Micro

TROJ_AGENT.TYTWC

10.465.01

Vba32 AntiVirus

Trojan.JS.Agent

3.12.24.3

VIPRE Antivirus

Trojan.Win32.Generic

27708

ViRobot

Trojan.Win32.S.Agent.1105656

2011.4.7.4223

File size:

1.1 MB (1,105,656 bytes)

Product version:

adobe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\flashplayerv28.3.2.exe

Digital Signature

Signed by:

Adode Inc.

Authority:

getaCert - www.getacert.com

Valid from:

2/13/2014 5:59:26 AM

Valid to:

2/14/2024 5:59:26 AM

Subject:

E=crac3r@gmail.com, CN=Adode.com, OU=MIT Dept., O=Adode Inc., L=New York, S=New York, C=US

Issuer:

O=getaCert - www.getacert.com, L=Seattle, S=Washington, C=US

Serial number:

0836

File PE Metadata

Compilation timestamp:

2/12/2014 5:53:39 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:WtzhYAuK3jBq04hfPlHbM2PBI5NSTnTYVz:mbuGsPpNLTu

Entry address:

0xF4C70

Entry point:

55, 8B, EC, 83, C4, CC, 53, 56, 57, 33, C0, 89, 45, CC, 89, 45, D0, 89, 45, EC, 89, 45, D8, 89, 45, D4, B8, BC, 06, 4F, 00, E8, 84, 94, F1, FF, 33, C0, 55, 68, 12, 4E, 4F, 00, 64, FF, 30, 64, 89, 20, 33, C0, 55, 68, A4, 4D, 4F, 00, 64, FF, 30, 64, 89, 20, B8, 30, 4E, 4F, 00, E8, 9A, 79, FF, FF, B8, 8C, 4E, 4F, 00, E8, 90, 79, FF, FF, B8, E4, 4E, 4F, 00, E8, 86, 79, FF, FF, 8D, 45, EC, 50, 8D, 45, D8, E8, DA, AD, FE, FF, 8B, 45, D8, 89, 45, DC, C6, 45, E0, 11, 8D, 55, D4, B8, 04, 00, 00, 00, E8, 4B, B5, FE... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

974.5 KB (997,888 bytes)

The file flashplayerv28.3.2.exe has been seen being distributed by the following 14 URLs.

https://youtubevv.googlecode.com/svn/.../FlashPlayerv28.4.0.exe

https://allahilebravo.googlecode.com/svn/.../FlashPlayerv28.3.0.exe

https://allahilebravo.googlecode.com/svn/.../FlashPlayerv26.2.1.exe

https://bwqebqw.googlecode.com/svn/.../MediaPlayer.exe

https://kullerhasani.googlecode.com/svn/.../FlashPlayerv28.3.1.exe

https://allahilebravo.googlecode.com/svn/.../FlashPlayerv25.2.1.exe

https://schoolproject2.googlecode.com/svn/.../Flash Player.exe

https://google-com-code.googlecode.com/svn/.../FlashPlayerv28.3.3.exe

https://schoolproject3.googlecode.com/svn/.../FlashPlayerv24.2.1.exe

https://allahilebravo.googlecode.com/svn/.../FlashPlayerv27.3.0.exe

https://schoolproject3.googlecode.com/svn/.../VideoPlayer.exe

https://projectalgorithm.googlecode.com/svn/.../Flash Player.exe

https://google-com-code.googlecode.com/svn/.../FlashPlayerv28.3.4.exe

https://kullerhasani.googlecode.com/svn/.../FlashPlayerv28.3.2.exe

Remove flashplayerv28.3.2.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.