» installax.exe
Overview
Analysis
File Details
Programs (2)
Downloads (10)

installax.exe

Adobe Flash Player Installer/Uninstaller

Adobe Systems Incorporated

This is a setup and installation application. The file has been seen being downloaded from dc19.arabsh.com and multiple other hosts.

File name:

installax.exe

Publisher:

Adobe Systems Incorporated (signed and verified)

Product:

Adobe® Flash® Player Installer/Uninstaller

Description:

Adobe® Flash® Player Installer/Uninstaller 11.4 r402

Version:

11,4,402,265

MD5:

2d5f38f54a4d270100e42375804918c9

SHA-1:

3e1385184fe89b2f41cb932b37147bc7a8516d30

SHA-256:

4d1ef912c2ea3a6e42bb48e822ecd634964f8ad298362c32d0242e7078d035d3

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/24/2024 6:57:56 PM UTC (today)

File size:

9.1 MB (9,575,112 bytes)

Product version:

11,4,402,265

Trademarks:

Adobe® Flash® Player

Original file name:

FlashUtil.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\installax.exe

Digital Signature

Signed by:

Adobe Systems Incorporated

Authority:

VeriSign, Inc.

Valid from:

12/15/2010 2:00:00 AM

Valid to:

12/15/2012 1:59:59 AM

Subject:

CN=Adobe Systems Incorporated, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=Information Systems, O=Adobe Systems Incorporated, L=San Jose, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

15E5AC0A487063718E39DA52301A0488

File PE Metadata

Compilation timestamp:

8/15/2012 10:12:47 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

196608:MV9TqumzGCSK9+cPJPAk8jXQ/Pp63W5QnYAdnYrbO9oAuG1+jc:MV9+umz5DfBJ/Pp63rxRYnOpuGMjc

Entry address:

0x1042C

Entry point:

E8, AE, 2F, 00, 00, E9, 78, FE, FF, FF, 6A, 0C, 68, A0, DE, 41, 00, E8, 26, 21, 00, 00, 8B, 75, 08, 85, F6, 74, 75, 83, 3D, 1C, 1D, 42, 00, 03, 75, 43, 6A, 04, E8, 98, 31, 00, 00, 59, 83, 65, FC, 00, 56, E8, C0, 31, 00, 00, 59, 89, 45, E4, 85, C0, 74, 09, 56, 50, E8, E1, 31, 00, 00, 59, 59, C7, 45, FC, FE, FF, FF, FF, E8, 0B, 00, 00, 00, 83, 7D, E4, 00, 75, 37, FF, 75, 08, EB, 0A, 6A, 04, E8, 84, 30, 00, 00, 59, C3, 56, 6A, 00, FF, 35, 24, 1A, 42, 00, FF, 15, E8, A1, 41, 00, 85, C0, 75, 16, E8, BA, 08, 00... 
[+]

Entropy:

7.9966 (probably packed)

Code size:

97 KB (99,328 bytes)

The file installax.exe has been discovered within the following programs.

Okozo Desktop by Okozo

About 6% of users remove it

Ultra Screen Saver Maker by Finalhit

Publisher's description - “Create your own screen savers in 10 seconds - quickly and easily! Add images, sounds, movies, Flash animations, text, websites or images using keyword search to your own screensaver! Just collect media files, preview them and simply add to your screen saver project using a point-and-click interface.”

www.finalhit.com/products/ultra-screen-saver-maker

25% remove it

The file installax.exe has been seen being distributed by the following 10 URLs.

http://dc19.arabsh.com/file/1478883772/.../install_flash_player_ax.exe

http://edo.engdis.com/pucesi/Runtime/Programmers/.../FlashPlayerIE.exe

http://edonline.engdis.com/infop/Runtime/Programmers/.../FlashPlayerIE.exe

http://download1451.mediafire.com/bav8jvnddf9g/.../install_flash_player_ax.exe

http://www.bigspeedpro.com/software_files/flashplayer_ie/.../install_flash_player_ax.exe

http://fs12.filehippo.com/7302/.../install_flash_player_ax.exe

http://download.macromedia.com/pub/flashplayer/current/.../install_flash_player_ax.exe

http://fs40.filehippo.com/9304/.../install_flash_player_ax.exe

http://download.macromedia.com/get/flashplayer/current/licensing/.../install_flash_player_11_active_x.exe

http://fpdownload.macromedia.com/get/flashplayer/pdc/.../install_flash_player_ax.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.