» install_flash_player_13_active_x.exe
Overview
Analysis
File Details
Programs (4)
Downloads (36)

install_flash_player_13_active_x.exe

Adobe Flash Player Installer/Uninstaller

Adobe Systems Incorporated

This is a self-extracting archive and installer. This is installed with multiple programs including Adobe Flash Player 25 NPAPI and Adobe Flash Player 18 NPAPI. The file has been seen being downloaded from www.bin.ge and multiple other hosts.

File name:

install_flash_player_13_active_x.exe

Publisher:

Adobe Systems Incorporated (signed and verified)

Product:

Adobe® Flash® Player Installer/Uninstaller

Description:

Adobe® Flash® Player Installer/Uninstaller 13.0 r0

Version:

13,0,0,206

MD5:

e94a2fecc91f4b3d22b971dc9d238e3b

SHA-1:

c0a2ab288a35382a3ed5dd1df5d790cf4f4dda2d

SHA-256:

580037c6ba9d9211fcad1da7b7e841e43ea588c5635e870c4ff256a44ba7d33b

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 12:39:45 PM UTC (today)

File size:

16.5 MB (17,338,544 bytes)

Product version:

13,0,0,206

Trademarks:

Adobe® Flash® Player

Original file name:

FlashUtil.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\windows\temp\avast_ash\flash player activex\install_flash_player_13_active_x.exe

Digital Signature

Signed by:

Adobe Systems Incorporated

Authority:

Symantec Corporation

Valid from:

1/14/2014 1:00:00 AM

Valid to:

1/8/2016 12:59:59 AM

Subject:

CN=Adobe Systems Incorporated, OU=Flash Player, O=Adobe Systems Incorporated, L=San Jose, S=California, C=US, SERIALNUMBER=2748129, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:

CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

50ED674255614BF4ED3ED423CC93CA7D

File PE Metadata

Compilation timestamp:

4/18/2014 11:44:42 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

393216:GOXZcfP5NBvNqgoUfwgx2PkOBDeHQz5TplzuVs7r:nXZcfZvToRgkPkOBjTvv

Entry address:

0x1CC3C

Entry point:

E8, FB, 5B, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, 75, 0C, F6, 46, 0C, 40, 57, 75, 79, 56, E8, 8D, 09, 00, 00, 59, BA, 98, 15, 43, 00, 83, F8, FF, 74, 1B, 83, F8, FE, 74, 16, 8B, C8, 83, E1, 1F, 8B, F8, C1, FF, 05, C1, E1, 06, 03, 0C, BD, 40, 2D, 43, 00, EB, 02, 8B, CA, F6, 41, 24, 7F, 75, 26, 83, F8, FF, 74, 19, 83, F8, FE, 74, 14, 8B, C8, 83, E0, 1F, C1, F9, 05, C1, E0, 06, 03, 04, 8D, 40, 2D, 43, 00, EB, 02, 8B, C2, F6, 40, 24, 80, 74, 1F, E8, 45, 17, 00, 00, 33, FF, 57, 57, 57, 57, 57... 
[+]

Code size:

160 KB (163,840 bytes)

The file install_flash_player_13_active_x.exe has been discovered within the following programs.

Adobe Flash Player 18 ActiveX by Adobe Systems Incorporated

www.adobe.com

9% remove it

Adobe Flash Player 18 NPAPI by Adobe Systems Incorporated

3% remove it

Adobe Flash Player 25 ActiveX by Adobe Systems Incorporated

9% remove it

Adobe Flash Player 25 NPAPI by Adobe Systems Incorporated

8% remove it

The file install_flash_player_13_active_x.exe has been seen being distributed by the following 36 URLs.

http://www.bin.ge/getfilee.php?id=23D3C187&access_key=NGE0YTdmNGIzYzUxMmY4ZmUzNzY4MTdlM2RmNTQwZGExOWJiM2I2NTQ0MWRhOWIwNTg3NzkwOGEzMTFhMWI2MTI3&captcha=343435

http://www.bin.ge/getfilee.php?id=23D3C187&access_key=MmVjNjIxM2JhNDY0N2ZkZmNjNTI4ODljM2I0MGU4YmM1YjEyODM1MTA1YTMwOGRkOTdhMjYyODNhODA1MTJjNDI3&captcha=323431

http://metropolitana/.../flash.exe

http://www.bin.ge/getfilee.php?id=23D3C187&access_key=YzZjM2NlNTQ5ZTkwNmUxZGUwMTU3YzcwZjY0NWYzMDFkYTkyNTJhZDliMmU0Zjg0YWRhNTY1NWM0NjFkMjg2NTEx&captcha=393635

http://fl.gamesky.ir/.../install_flash_player_13_active_x.exe

http://www.filepuma.com/file/1399035361c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/file/1398748661c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/down/1399042288c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/file/1399042288c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/down/1399041591c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/down/1398890457c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/file/1398890457c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/file/1399041591c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/down/1399231286c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/file/1399231286c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/down/1399132335c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/file/1399132335c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/file/1399985914c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/file/1398834323c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/down/1399626379c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/file/1399626379c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/down/1399322217c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/file/1399322217c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/down/1399585234c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/file/1399585234c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://download.macromedia.com/pub/flashplayer/current/.../install_flash_player_ax.exe

http://fileforum.betanews.com/sendfile/964714156/1/.../install_flash_player_ax.exe

http://www.filepuma.com/down/1398762681c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://www.filepuma.com/file/1398762681c5708/adobe_flash_player_ie_13.0.0.206/.../0/

http://down.filepuma.com/files/internet-browser-and-plugins/.../Adobe_Flash_Player_(IE)_v13.0.0.206.exe

Latest 30 of 36 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.