install_flashplayer14x32ax_gtba_chra_dy_aaa_aih.exe

Adobe Installation Helper

Adobe Systems Incorporated

This is a self-extracting archive and installer. The file has been seen being downloaded from get.adobe.com and multiple other hosts.

Publisher:
Adobe (signed by Adobe Systems Incorporated)

Product:
Adobe Installation Helper

Version:
3.5.4.25

MD5:
3d350d3868e6280e63806ebd096fb403

SHA-1:
5434ee6d715b1ade06ec4a6c0253c66932e3c9e7

SHA-256:
600c46382102038b1af8f4ebd8ec1c4ceab2a7dca33159736f050bc6820cabca

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/9/2016 10:57:35 AM UTC

File size:
1 MB (1,057,688 bytes)

Product version:
2.0.2.7

Copyright:
Copyright © Adobe Systems Incorporated

Original file name:
host.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\{random}\install_flashplayer14x32ax_gtba_chra_dy_aaa_aih.exe

Digital Signature

Authority:
Symantec Corporation

Valid from:
7/30/2013 1:00:00 AM

Valid to:
7/26/2015 12:59:59 AM

Subject:
CN=Adobe Systems Incorporated, OU=CS Production, O=Adobe Systems Incorporated, L=San Jose, S=California, C=US, SERIALNUMBER=2748129, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
4272E5D73E43628B1CF3F7F2D5F54BAD

File PE Metadata

Compilation timestamp:
5/21/2014 11:59:09 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:ChQMSJvM7f824i8s450w6wULfKZa2dBVaxxgK10jEe:Q/AHqwUb2a2rVQghEe

Entry address:
0xA4071

Entry point:
60, E8, 00, 00, 00, 00, 58, 05, 5A, 0B, 00, 00, 8B, 30, 03, F0, 2B, C0, 8B, FE, 66, AD, C1, E0, 0C, 8B, C8, 50, AD, 2B, C8, 03, F1, 8B, C8, 57, 51, 49, 8A, 44, 39, 06, 88, 04, 31, 75, F6, 2B, C0, AC, 8B, C8, 80, E1, F0, 24, 0F, C1, E1, 0C, 8A, E8, AC, 0B, C8, 51, 02, CD, BD, 00, FD, FF, FF, D3, E5, 59, 58, 8B, DC, 8D, A4, 6C, 90, F1, FF, FF, 51, 2B, C9, 51, 51, 8B, CC, 51, 66, 8B, 17, C1, E2, 0C, 52, 57, 83, C1, 04, 51, 50, 83, C1, 04, 56, 51, E8, 5E, 00, 00, 00, 8B, E3, 5E, 5A, 2B, C0, 89, 04, 32, B4, 10...

Entropy:
7.9255

Packer / compiler:
ASPack v1.08.04

Code size:
466.5 KB (477,696 bytes)

The file install_flashplayer14x32ax_gtba_chra_dy_aaa_aih.exe has been discovered within the following program.

QuickTime 7 by Apple Inc.
Publisher's description - “QuickTime Player 7 supports older media formats, such as QTVR, interactive QuickTime movies, and MIDI files on Snow Leopard and OS X Lion. It also accepts QuickTime 7 Pro registration codes, which turn on QuickTime Pro functions.”
www.apple.com
10% remove it

The file install_flashplayer14x32ax_gtba_chra_dy_aaa_aih.exe has been seen being distributed by the following 11 URLs.

http://get.adobe.com/br/flashplayer/download/.../?installer=Flash_Player_14_for_Internet_Explorer&os=Windows 7&browser_type=MSIE&browser_dist=OEM&a=Google_Toolbar_7.5&p=chr,gtb,mss&dualoffer=false

http://get.adobe.com/br/flashplayer/download/.../?installer=Flash_Player_14_for_Internet_Explorer&os=Windows 7&browser_type=MSIE&browser_dist=OEM&dualoffer=true&chromedefault=true&a=Google_Chrome_35.0_IE_Browser&d=Google_Toolbar_7.5

http://aihdownload.adobe.com/bin/.../install_flashplayer14x32ax_ltr5x32d_awk_aih.exe