FLVGuncelle.exe

The executable FLVGuncelle.exe has been detected as malware by 36 anti-virus scanners. The file has been observed being downloaded from www.puee.in and multiple other hosts.
Publisher:
AOE

Product:
AOE

Version:
63

MD5:
c6c60cc5c155b58ef6ff5b2476684ab2

SHA-1:
528effc26d475b33279b7e071d3a27fa1475b1d7

SHA-256:
330145b8da3d50a123e0bc03a41631c092f6b5abde8dfa4ec565793182895c36

Scanner detections:
36 / 68

Status:
Malware

Analysis date:
5/17/2024 3:02:16 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.GenericKD.1492435 | 408 |
| Agnitum Outpost | Trojan.Blocker | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Blocker | 2015.12.16 |
| Avira AntiVirus | TR/Rogue.1492435 | 8.3.2.4 |
| Arcabit | Trojan.Generic.D16C5D3 | 1.0.0.629 |
| avast! | Win32:Ransom-ARZ [Trj] | 2014.9-151224 |
| AVG | Dropper.Generic9 | 2016.0.2886 |
| Baidu Antivirus | Trojan.Win32.Ransomlock | 4.0.3.151224 |
| Bitdefender | Trojan.GenericKD.1492435 | 1.0.20.1790 |
| Comodo Security | UnclassifiedMalware | 23772 |
| Dr.Web | Trojan.Zipvideom.1 | 9.0.1.0358 |
| Emsisoft Anti-Malware | Trojan.GenericKD.1492435 | 8.15.12.24.10 |
| ESET NOD32 | MSIL/Bepush | 9.12726 |
| Fortinet FortiGate | W32/Blocker.DIND!tr | 12/24/2015 |
| F-Prot | W32/Trojan2.OBHA | v6.4.7.1.166 |
| F-Secure | Trojan-Downloader:W32/Kilim.T | 11.2015-24-12_5 |
| G Data | Trojan.GenericKD.1492435 | 15.12.25 |
| IKARUS anti.virus | Trojan-Ransom.Win32.Blocker | t3scan.1.9.5.0 |
| K7 AntiVirus | Riskware | 13.212.18114 |
| Kaspersky | Trojan-Ransom.Win32.Blocker | 14.0.0.923 |
| Malwarebytes | Trojan.Downloader.MSIL | v2015.12.24.10 |
| McAfee | Generic.rx | 5600.6542 |
| Microsoft Security Essentials | TrojanDropper:MSIL/Bepush.B | 1.1.12300.0 |
| MicroWorld eScan | Trojan.GenericKD.1492435 | 16.0.0.1074 |
| NANO AntiVirus | Trojan.Win32.Blocker.dtplmx | 1.0.10.5081 |
| nProtect | Trojan.GenericKD.1492435 | 15.12.15.01 |
| Panda Antivirus | Trj/WLT.A | 15.12.24.10 |
| Qihoo 360 Security | Trojan.Generic | 1.0.0.1077 |
| Quick Heal | TrojanDropper.Bepush.B.cw3 | 12.15.14.00 |
| Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D [F] | 23.00.65.151222 |
| Total Defense | Win32/Tnega.ATYA | 37.1.62.1 |
| Trend Micro House Call | TROJ_SPNR.35BH14 | 7.2.358 |
| Trend Micro | TROJ_SPNR.35BH14 | 10.465.24 |
| VIPRE Antivirus | Trojan.Win32.Generic | 45856 |
| ViRobot | Trojan.Win32.A.Blocker.123904.Q[h] | 2014.3.20.0 |
| Zillya! Antivirus | Trojan.Blocker.Win32.13348 | 2.0.0.2563 |

File size:
121 KB (123,904 bytes)

Product version:
63

Copyright:
AOE

Trademarks:
AOE

Original file name:
FLVGuncelle.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\flvguncelle.exe

File PE Metadata
Compilation timestamp:
1/6/2014 8:42:25 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:rEKMEvppWZLcMfSszN/XJ1il0lxdVvJ+2VbNfBvsEr5hS:rWERpHcSa/XnlxbU2XJ

Entry address:
0x1E426

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
Entropy:
7.4826

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
113.5 KB (116,224 bytes)

The file FLVGuncelle.exe has been observed being distributed from the following 2 URLs.

http://www.puee.in/dl.php
