» install_flashplayer14x32ax_gtba_chra_dy_aaa_aih.exe
Overview
Analysis
File Details
Programs (1)
Downloads (25)

install_flashplayer14x32ax_gtba_chra_dy_aaa_aih.exe

Adobe Installation Helper

Adobe Systems Incorporated

This is a self-extracting archive and installer. The file has been seen being downloaded from get.adobe.com and multiple other hosts.

File name:

install_flashplayer14x32ax_gtba_chra_dy_aaa_aih.exe

Publisher:

Adobe (signed by Adobe Systems Incorporated)

Product:

Adobe Installation Helper

Version:

3.5.4.25

MD5:

3d350d3868e6280e63806ebd096fb403

SHA-1:

5434ee6d715b1ade06ec4a6c0253c66932e3c9e7

SHA-256:

600c46382102038b1af8f4ebd8ec1c4ceab2a7dca33159736f050bc6820cabca

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/19/2024 9:46:51 PM UTC (today)

File size:

1 MB (1,057,688 bytes)

Product version:

2.0.2.7

Original file name:

host.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\{random}\install_flashplayer14x32ax_gtba_chra_dy_aaa_aih.exe

Digital Signature

Signed by:

Adobe Systems Incorporated

Authority:

Symantec Corporation

Valid from:

7/30/2013 1:00:00 AM

Valid to:

7/26/2015 12:59:59 AM

Subject:

CN=Adobe Systems Incorporated, OU=CS Production, O=Adobe Systems Incorporated, L=San Jose, S=California, C=US, SERIALNUMBER=2748129, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:

CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

4272E5D73E43628B1CF3F7F2D5F54BAD

File PE Metadata

Compilation timestamp:

5/21/2014 11:59:09 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

24576:ChQMSJvM7f824i8s450w6wULfKZa2dBVaxxgK10jEe:Q/AHqwUb2a2rVQghEe

Entry address:

0xA4071

Entry point:

60, E8, 00, 00, 00, 00, 58, 05, 5A, 0B, 00, 00, 8B, 30, 03, F0, 2B, C0, 8B, FE, 66, AD, C1, E0, 0C, 8B, C8, 50, AD, 2B, C8, 03, F1, 8B, C8, 57, 51, 49, 8A, 44, 39, 06, 88, 04, 31, 75, F6, 2B, C0, AC, 8B, C8, 80, E1, F0, 24, 0F, C1, E1, 0C, 8A, E8, AC, 0B, C8, 51, 02, CD, BD, 00, FD, FF, FF, D3, E5, 59, 58, 8B, DC, 8D, A4, 6C, 90, F1, FF, FF, 51, 2B, C9, 51, 51, 8B, CC, 51, 66, 8B, 17, C1, E2, 0C, 52, 57, 83, C1, 04, 51, 50, 83, C1, 04, 56, 51, E8, 5E, 00, 00, 00, 8B, E3, 5E, 5A, 2B, C0, 89, 04, 32, B4, 10... 
[+]

Entropy:

7.9255

Packer / compiler:

ASPack v1.08.04

Code size:

466.5 KB (477,696 bytes)

The file install_flashplayer14x32ax_gtba_chra_dy_aaa_aih.exe has been discovered within the following program.

QuickTime 7 by Apple Inc.

Publisher's description - “QuickTime Player 7 supports older media formats, such as QTVR, interactive QuickTime movies, and MIDI files on Snow Leopard and OS X Lion. It also accepts QuickTime 7 Pro registration codes, which turn on QuickTime Pro functions.”

www.apple.com

10% remove it

The file install_flashplayer14x32ax_gtba_chra_dy_aaa_aih.exe has been seen being distributed by the following 25 URLs.

http://get.adobe.com/br/flashplayer/download/.../?installer=Flash_Player_14_for_Internet_Explorer&os=Windows 7&browser_type=MSIE&browser_dist=OEM&dualoffer=true&chromedefault=true&a=Google_Toolbar_7.5&a=Google_Chrome_35.0_IE_Browser

http://aihdownload.adobe.com/bin/.../install_flashplayer14x32ax_gtba_awk_aih.exe

http://aihdownload.adobe.com/bin/.../install_flashplayer14x32ax_gtba_awe_aih.exe

http://aihdownload.adobe.com/bin/.../install_flashplayer14x32ax_gtbd_chrd_dn_awc_aih.exe

http://aihdownload.adobe.com/bin/.../install_flashplayer14x32ax_gtbd_awe_aih.exe

http://global-shared-files-l3.softonic.com/543/4ee/.../file?nvb=20141006085707&nva=20141006205807&token=0b199ba76d5287de0b334&instance=softonic_nl&filename=install_flashplayer14x32ax_mssa_aaa_aih.exe

http://aihdownload.adobe.com/bin/.../install_flashplayer14x32ax_chrd_dn_awf_aih.exe

http://aihdownload.adobe.com/bin/.../install_flashplayer14x32ax_ltr5x64d_awk_aih.exe

http://aihdownload.adobe.com/bin/.../install_flashplayer14x32ax_mssa_awk_aih.exe

http://aihdownload.adobe.com/bin/.../install_flashplayer14x32ax_gtbd_chra_dy_aaa_aih.exe

http://aihdownload.adobe.com/bin/.../install_flashplayer14x32ax_ltr5x64d_awc_aih.exe

http://aihdownload.adobe.com/bin/.../install_flashplayer14x32ax_chrd_dn_awa_aih.exe

http://aihdownload.adobe.com/bin/.../install_flashplayer14x32ax_mssa_awe_aih.exe

http://get.adobe.com/br/flashplayer/download/.../?installer=Flash_Player_14_for_Internet_Explorer&os=Windows 7&browser_type=MSIE&browser_dist=OEM&a=Google_Toolbar_7.5&p=chr,gtb,mss&dualoffer=false

http://aihdownload.adobe.com/bin/.../install_flashplayer14x32ax_ltr5x32d_awk_aih.exe

http://aihdownload.adobe.com/bin/.../install_flashplayer14x32ax_chra_dy_awa_aih.exe

http://aihdownload.adobe.com/bin/.../install_flashplayer14x32ax_gtba_chra_dy_aaa_aih.exe

http://get.adobe.com/flashplayer/download/.../?installer=Flash_Player_14_for_Internet_Explorer&os=Vista&browser_type=MSIE&browser_dist=OEM&dualoffer=true&chromedefault=true&a=Google_Toolbar_7.5&a=Google_Chrome_29.0_IE_Browser

http://aihdownload.adobe.com/bin/.../install_flashplayer14x32ax_gtbd_chrd_dn_aaa_aih.exe

http://get.adobe.com/flashplayer/download/.../?installer=Flash_Player_14_for_Internet_Explorer&os=Windows 7&browser_type=MSIE&browser_dist=OEM&dualoffer=true&chromedefault=false&d=Google_Toolbar_7.5&d=Google_Chrome_35.0_IE_Browser

http://aihdownload.adobe.com/bin/.../install_flashplayer14x32ax_ltr5x32d_awc_aih.exe

http://aihdownload.adobe.com/bin/.../install_flashplayer14x32ax_mssa_aaa_aih.exe

http://aihdownload.adobe.com/bin/.../install_flashplayer14x32ax_mssd_aaa_aih.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.