flvplayersetup.exe

The executable flvplayersetup.exe has been detected as malware by 1 anti-virus scanner. This is a self-extracting archive and installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from aff.foxtab.com.
MD5:
5741c749366e9252bf21f5e768434b91

SHA-1:
8f8af4f3094b8129680ee5dc7e6b54dca6f332ec

SHA-256:
35491a045ed326be1bc1ac7598ba50b47d876056d02ec94b6c1cb3d18044e2af

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
8/17/2018 7:53:27 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Threat.Win.Reputation.IMP
16.2.4.2

File size:
1 MB (1,096,072 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\flvplayersetup.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:psSXtCK7/VosCFgtcheW0Nsr6nk8QARTDGM85:CitCItoVFgaheW0l7QARTDGM8

Entry address:
0xC1B06

Entry point:
55, 8B, EC, 83, C4, F0, B8, F1, A4, 4A, 00, E8, A8, E6, FF, FF, 58, BA, 27, 1C, CB, 66, 1B, 4B, B9, 15, 57, F3, 91, 4C, 08, A1, FD, 1C, E2, 9B, D9, 8F, C6, 3C, 9B, 84, 63, 61, B0, 09, 75, DB, 61, 97, 68, AF, 3B, CE, 61, 8B, 24, 83, 04, CC, 84, 46, 7F, EB, 35, B7, A7, 34, 1E, 4D, 32, 12, AC, 58, 55, 72, 94, 75, 60, E9, 82, BB, 17, A0, AF, 45, D5, 3E, 7B, F6, D1, 60, 83, 93, FC, 39, DB, 84, 5F, 75, 53, EE, E5, 86, F8, ED, 00, E6, 41, 14, 94, FB, 89, 8B, 12, AF, CF, 75, AF, D6, D9, 58, 25, 08, 36, D1, 6D, 83...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
786 KB (804,864 bytes)

The file flvplayersetup.exe has been seen being distributed by the following URL.

Remove flvplayersetup.exe - Powered by Reason Core Security