» flexihub.exe
Overview
Analysis
File Details
Downloads (1)

flexihub.exe

FlexiHub 2.5

ELTIMA Software

The executable flexihub.exe, “FlexiHub ” has been detected as malware by 5 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from eltima.com.

File name:

flexihub.exe

Publisher:

ELTIMA Software

Product:

FlexiHub 2.5

Description:

FlexiHub

Version:

Flexihub 2.5.8827

MD5:

75151168918a577cb252a3a3fa488f40

SHA-1:

cd27e132455d7ee5bf96528b5263dc5522410efd

SHA-256:

b619d2a96a745320838d709570abade14bcc9a740779974aa12a57a328e3a64c

Scanner detections:

5 / 68

Status:

Malware

Analysis date:

4/26/2024 7:22:13 AM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:SaliCode

160518-2

Dr.Web

Win32.Sector.30

9.0.1.05190

ESET NOD32

Win32/Sality.NBA virus

8.0.319.0

F-Prot

W32/Sality.gen2

4.6.5.141

Microsoft Security Essentials

Threat.Undefined

1.223.1545.0

File size:

5 MB (5,214,600 bytes)

Product version:

2.5 (Build 2.5.8827)

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\flexihub.exe

File PE Metadata

Compilation timestamp:

10/13/2013 1:19:32 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:mXwMGtPFf2//4ysbT1gebRQOwvgKSsByM6MhQXr58owrI6U9hbMOlaW:mAnPeiRWv13QXr50p7Olz

Entry address:

0x113BC

Entry point:

8D, 35, B5, 15, 2E, 4E, 38, D6, 0F, AF, DB, C7, C7, 1A, 0B, 15, 4D, 69, EE, E6, 19, EB, 3C, 0F, AF, D9, C6, C0, 1E, 81, FE, 67, 47, 00, 00, 1D, B0, 3D, 55, BB, 69, DD, 9A, 48, 3F, 35, 71, 09, 4D, F7, C5, 15, 26, 46, 9D, FE, C8, 1A, DC, E8, 00, 00, 00, 00, 77, 08, 0F, BE, DE, 3D, 0C, 04, A8, A0, 8A, F0, F6, C5, C8, F3, 3B, E9, 6B, C9, 00, 00, EB, F6, C4, 5F, 0F, AF, D3, B6, 10, 81, EA, 3D, 48, DE, AC, 0F, AF, F3, 0F, BE, D1, BB, AE, 07, 00, 00, 18, EA, 81, F3, 1D, 0E, 00, 00, 69, D5, A2, 7F, 81, EE, 0F, C1... 
[+]

Entropy:

7.9936 (probably packed)

Code size:

63.5 KB (65,024 bytes)

The file flexihub.exe has been seen being distributed by the following URL.

http://eltima.com/.../flexihub.exe

Remove flexihub.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.