FLVGuncelle.exe

AOE

The executable FLVGuncelle.exe has been detected as malware by 35 anti-virus scanners. This is a setup program used to install the application. The file has been observed being downloaded from www.showmaskonnn.com.
Publisher:
AOE

Product:
AOE

Version:
63

MD5:
0984fe4e1f2e15a9d42883a8a76d5da7

SHA-1:
6b8bd8cfde6fc0a6ef5236c31e9b7b557562270a

SHA-256:
2df0d73a410a8c59e0305752b4ebfe3c5f6d1c01baa9300467fdb206e449f32e

Scanner detections:
35 / 68

Status:
Malware

Analysis date:
5/7/2024 4:34:55 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| AegisLab AV Signature | Troj.Ransom.W32.Blocker.djeo!c | 2.1.4+ |
| Agnitum Outpost | Trojan.Bepush | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Blocker | 2016.01.25 |
| Avira AntiVirus | TR/Kazy.320907.2 | 8.3.2.4 |
| Arcabit | Trojan.Zusy.D134BC | 1.0.0.646 |
| avast! | Win32:Ransom-ARZ [Trj] | 2014.9-160209 |
| AVG | Pakes_c | 2017.0.2839 |
| Baidu Antivirus | Trojan.MSIL.Bepush | 4.0.3.1629 |
| Bitdefender | Gen:Variant.Zusy.79036 | 1.0.20.200 |
| Comodo Security | UnclassifiedMalware | 24014 |
| Dr.Web | Trojan.DownLoader9.10522 | 9.0.1.040 |
| Emsisoft Anti-Malware | Gen:Variant.Zusy.79036 | 8.16.02.09.01 |
| ESET NOD32 | MSIL/Bepush (variant) | 10.12920 |
| Fortinet FortiGate | W32/Blocker.DJEO!tr | 2/9/2016 |
| F-Secure | Trojan-Downloader:W32/Kilim.T | 11.2016-09-02_3 |
| G Data | Gen:Variant.Zusy.79036 | 16.2.25 |
| IKARUS anti.virus | Trojan-Ransom.Win32.Blocker | t3scan.2.0.3.0 |
| K7 AntiVirus | Trojan | 13.212.18518 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.690 |
| Malwarebytes | Trojan.Downloader.MSIL | v2016.02.09.01 |
| McAfee | Trojan-FDNQ!0984FE4E1F2E | 5600.6495 |
| Microsoft Security Essentials | TrojanDropper:MSIL/Bepush.C | 1.1.12400.0 |
| MicroWorld eScan | Gen:Variant.Zusy.79036 | 17.0.0.120 |
| NANO AntiVirus | Trojan.Win32.Blocker.csmlrz | 1.0.14.5380 |
| nProtect | Trojan/W32.Blocker.123904.N | 16.01.22.01 |
| Panda Antivirus | Generic Malware | 16.02.09.01 |
| Qihoo 360 Security | HEUR/Malware.QVM03.Gen | 1.0.0.1077 |
| Quick Heal | TrojanDropper.Bepush.r3 | 2.16.14.00 |
| Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D [F] | 23.00.65.16207 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_SPNR.35BH14 | 7.2.40 |
| Trend Micro | TROJ_SPNR.35BH14 | 10.465.09 |
| VIPRE Antivirus | Trojan.Win32.Generic | 46746 |
| ViRobot | Trojan.Win32.A.Blocker.123904.U[h] | 2014.3.20.0 |
| Zillya! Antivirus | Trojan.Blocker.Win32.13957 | 2.0.0.2628 |

File size:
121 KB (123,904 bytes)

Product version:
63

Copyright:
AOE

Trademarks:
AOE

Original file name:
FLVGuncelle.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\flvguncelle.exe

File PE Metadata
Compilation timestamp:
1/10/2014 2:46:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:VkTsaWnpPZLcMfwR4gIyLCRBT1NfJX7rukUPChS:V/a8pacwR1IyLCzT1hJX7qkU

Entry address:
0x1E406

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
113.5 KB (116,224 bytes)

The file FLVGuncelle.exe has been seen being distributed by the following URL.
