home

flight simulator x.exe

The application flight simulator x.exe has been detected as a potentially unwanted program by 4 anti-malware scanners. This is a setup program which is used to install the application. It uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars. The file has been seen being downloaded from dl.downc468.com and multiple other hosts.
MD5:
e183e5e8a866ccec4b3453252320d1fa

SHA-1:
6dc4dcf570b7cb16b205cbf195f80048cafe3ca5

SHA-256:
736135152165ab2c6fdc8d107cb958be3becc175a579fcdeb2ad0ca6c9d6a53a

Scanner detections:
4 / 68

Status:
Potentially unwanted

Explanation:
Uses the Solimba installer to bundle adware offers.

Analysis date:
4/26/2024 6:44:06 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Trash.Gen
7.11.30.172

avast!
Win32:Firseria-A [PUP]
140813-1

Sophos
Solimba Installer
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-Nullo[Short]
10393

File size:
183.8 KB (188,216 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\flight simulator x.exe

File PE Metadata
Compilation timestamp:
11/27/2013 10:43:52 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:AFtj9DZiop52XIGrjKSBUZWijNutqGwSMixZhAJY/UAmFS:AFZ9DEq52hUZcYGwS/xZ7UW

Entry address:
0x704B0

Entry point:
60, BE, 00, 90, 44, 00, 8D, BE, 00, 80, FB, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 
[+]

Entropy:
7.8114

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
160 KB (163,840 bytes)

The file flight simulator x.exe has been seen being distributed by the following 2 URLs.

http://dl.downc468.com/n/3.0.23.11/.../Flight Simulator X.exe

http://www.pc-file.com/flight-simulator-x/download/.../645

Remove flight simulator x.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.