» install_flash_player_10_active_x.exe
Overview
Analysis
File Details
Programs (6)
Downloads (8)

install_flash_player_10_active_x.exe

Adobe Flash Player ActiveX

Adobe Systems Incorporated

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from download.apphit.com and multiple other hosts.

File name:

install_flash_player_10_active_x.exe

Publisher:

Adobe Systems Incorporated (signed and verified)

Product:

Adobe® Flash® Player ActiveX

Description:

Adobe® Flash® Player ActiveX Installer

Version:

1.0.20

MD5:

128ada8119b4f860e1aca1891e8abde2

SHA-1:

f4ec0e95099e354fd01cd3bb27c202f54932dc70

SHA-256:

016b77d19d9fde6f7d5b477eb7008df80c51ff02acb5f950c986e45a0c2a78d3

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/20/2024 12:49:34 AM UTC (today)

File size:

1.9 MB (1,956,528 bytes)

Product version:

10.0.42.34

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\aisuite_ii\turbov evo_1.00.65\appsetup\flashplayer10\install_flash_player_10_active_x.exe

Digital Signature

Signed by:

Adobe Systems Incorporated

Authority:

VeriSign, Inc.

Valid from:

10/24/2008 2:00:00 AM

Valid to:

12/11/2009 12:59:59 AM

Subject:

CN=Adobe Systems Incorporated, OU=Information Systems, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Adobe Systems Incorporated, L=San Jose, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

7657F9CBCAC1EA9504838E3ED9355D2D

File PE Metadata

Compilation timestamp:

1/13/2007 7:28:14 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

49152:ZdrwI6QJG/UFh3Nc27JARwh2ZaBLVqPnEG2JZem5Wxd:ZdcICUHqzwh2ZwQPnH2Jouud

Entry address:

0x36F2

Entry point:

81, EC, 7C, 01, 00, 00, 53, 55, 56, 33, F6, 57, 89, 74, 24, 18, BB, 10, A7, 40, 00, C6, 44, 24, 10, 20, FF, 15, 30, 80, 40, 00, 56, FF, 15, 7C, 82, 40, 00, A3, D0, 6B, 42, 00, 56, 8D, 44, 24, 30, 68, 60, 01, 00, 00, 50, 56, 68, B8, 14, 42, 00, FF, 15, 58, 81, 40, 00, 68, 34, A8, 40, 00, 68, 20, 63, 42, 00, E8, 72, 29, 00, 00, BD, 00, D4, 42, 00, 55, 68, 00, 04, 00, 00, FF, 15, B8, 80, 40, 00, E8, 64, FF, FF, FF, 85, C0, 75, 24, 68, FB, 03, 00, 00, 55, FF, 15, B4, 80, 40, 00, 68, 2C, A8, 40, 00, 55, E8, 5D... 
[+]

Packer / compiler:

Nullsoft install system v2.x

Code size:

24.5 KB (25,088 bytes)

The file install_flash_player_10_active_x.exe has been discovered within the following programs.

Adobe Flash Player 18 ActiveX by Adobe Systems Incorporated

www.adobe.com

9% remove it

Aneesoft 3D Flash Gallery by Aneesoft Corporation

Publisher's description - “Aneesoft 3D Flash Gallery is an easy to use yet powerful flash gallery making software that displays your digital photos in an interactive and elegant 3D photo gallery for MySpace, Blogger and your personal websites easy and fast.”

www.aneesoft.com

21% remove it

AviSynth 2.5 by AviSynth

AviSynth is a frameserver program for Microsoft Windows. AviSynth acts as a non-linear video editor controlled entirely by scripting (without a GUI).

avisynth.org

About 1% of users remove it

MediaRing Talk by MediaRing

www.mediaringtalk.com

About 8% of users remove it

PegaJogo 3.0 by PegaJogo.com

www.pegajogo.com

About 9% of users remove it

Wondershare Flash Gallery Factory Deluxe 5.0.2 by Wondershare Software

Publisher's description - “Wondershare Flash Gallery Factory Deluxe is the best Flash slideshow maker and photo gallery software to make interactive flash slideshow for business banner, family photo albums, holiday greeting cards.”

www.wondershare.com/pro/flash-gallery-factory-deluxe.html

5% remove it

The file install_flash_player_10_active_x.exe has been seen being distributed by the following 8 URLs.

http://download.apphit.com/124/.../Flash_Player_10_0_42_34.exe

https://doc-10-8s-docs.googleusercontent.com/docs/securesc/evnbe3f8ag581tpuffls5sv0487ts52q/s09a75i8farjfha4ogh7ptqmmr5e6bjk/1474020000000/05550868352780101731/.../0BzwWRmtIEolLYi02cE5IT0hpTXM?e=download

http://www.sistemklinik.com.my/support/.../FlashPlayer10.exe

https://drive.google.com/uc?id=0BxDKUoGJSsyoU0FENHFDY05PaEk&export=download

http://files.fyxm.net/98/.../install_flash_player_10_active_x.exe

http://qb.vu.edu.pk/login.aspx

http://151.12.1.104/.../adobe.exe

http://fpdownload.adobe.com/get/flashplayer/.../install_flash_player_ax.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.