» install_flashplayer14x32_x64md_aaa_aih.exe
Overview
Analysis
File Details
Downloads (1)

install_flashplayer14x32_x64md_aaa_aih.exe

Apple Inc.

The executable install_flashplayer14x32_x64md_aaa_aih.exe, “Apple Inc. 9.1.2 Installation ” has been detected as malware by 19 anti-virus scanners. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from www.videooizleyin.com.

File name:

Publisher:

Apple Inc.

Description:

Apple Inc. 9.1.2 Installation

Version:

9.1.2

MD5:

e3c37300020f35dd0bf2d7fc6ed934a6

SHA-1:

c8118b3a668e97779d28d4e2ca16f1e288385be2

SHA-256:

99d8fa8f612151ce9a46a7f0e8816e62d3fa453db2028ab386a201bedd3fe1aa

Scanner detections:

19 / 68

Status:

Malware

Analysis date:

4/19/2024 10:24:05 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.12585790

715

Avira AntiVirus

TR/Crypt.cfi.besd

7.11.208.204

avast!

Win32:Dropper-gen [Drp]

2014.9-150220

Baidu Antivirus

Trojan.Win32.VB

4.0.3.15220

Bitdefender

Trojan.Generic.12585790

1.0.20.255

Dr.Web

Trojan.Siggen1.63828

9.0.1.051

Emsisoft Anti-Malware

Trojan.Generic.12585790

8.15.02.20.11

ESET NOD32

Win32/VB.RTN

9.11142

Fortinet FortiGate

W32/ExtenBro.AK!tr

2/20/2015

F-Secure

Trojan.Generic.12585790

11.2015-20-02_6

G Data

Trojan.Generic.12585790

15.2.25

Kaspersky

Trojan.Win32.VB

14.0.0.2458

Malwarebytes

Trojan.KBayi.FLA

v2015.02.20.11

McAfee

Artemis!E3C37300020F

5600.6849

MicroWorld eScan

Trojan.Generic.12585790

16.0.0.153

nProtect

Trojan.Generic.12585790

15.02.06.01

Qihoo 360 Security

Win32/Trojan.682

1.0.0.1015

Quick Heal

TrojanDownloader.Murlo.clv.n3

2.15.14.00

Zillya! Antivirus

Trojan.VB.Win32.131371

2.0.0.2058

File size:

922.6 KB (944,763 bytes)

Apple Inc.

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\install_flashplayer14x32_x64md_aaa_aih.exe

File PE Metadata

Compilation timestamp:

9/25/2009 8:57:32 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

12288:sNIQAPGsAqY9IMVYd38sJdpQHlGlY8KfT8Zi36oyBbXCRdwiuXMb/l9TXQCs:tPGSY91VwNJcFMqT5dQMbdVXls

Entry address:

0x42B4F

Entry point:

6A, 60, 68, 88, 1A, 46, 00, E8, AD, 5C, 01, 00, BF, 94, 00, 00, 00, 8B, C7, E8, E9, 56, 01, 00, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, 14, A2, 45, 00, 8B, 4E, 10, 89, 0D, A4, B4, 46, 00, 8B, 46, 04, A3, B0, B4, 46, 00, 8B, 56, 08, 89, 15, B4, B4, 46, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, A8, B4, 46, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, A8, B4, 46, 00, C1, E0, 08, 03, C2, A3, AC, B4, 46, 00, 33, F6, 56, 8B, 3D, 5C, A2, 45, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03... 
[+]

Developed / compiled with:

Microsoft Visual C++ v7.0

Code size:

354 KB (362,496 bytes)

The file install_flashplayer14x32_x64md_aaa_aih.exe has been seen being distributed by the following URL.

http://www.videooizleyin.com/dl.php

Remove install_flashplayer14x32_x64md_aaa_aih.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.