home

pepflashplayer.dll

Shockwave Flash

Lyoness Cashback AG

The module pepflashplayer.dll, “Shockwave Flash 17.0 r0” by Lyoness Cashback AG has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Adobe Systems, Inc.  (signed by Lyoness Cashback AG)

Product:
Shockwave Flash

Description:
Shockwave Flash 17.0 r0

Version:
17,0,0,169

MD5:
852d470057ee0c630d4786b8d4c06730

SHA-1:
cb3c44d488bf8fca682b7a81c9c7f711dac9ee25

SHA-256:
0c478b81c8f0a57062ef155b270b25f3e2c6a93e861df5d245d31dcf6c516f44

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/16/2024 5:59:01 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.LyonessCashbackAG (M)
16.1.13.21

File size:
14.3 MB (14,979,672 bytes)

Product version:
17,0,0,169

Copyright:
Adobe® Flash® Player. Copyright © 1996 - 2015 Adobe Systems Incorporated. All Rights Reserved. Adobe and Flash are either trademarks or registered tra

Trademarks:
Adobe Flash Player

Original file name:
pepflashplayer.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\lyoness browser\application\42.0.2311.90\pepperflash\pepflashplayer.dll

Digital Signature
Signed by:
Lyoness Cashback AG

Authority:
GlobalSign nv-sa

Valid from:
10/21/2013 11:07:04 AM

Valid to:
10/21/2016 11:07:04 AM

Subject:
E=domainadmin@lyoness.ag, CN=Lyoness Cashback AG, O=Lyoness Cashback AG, L=Graz, S=Styria, C=AT

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121966E6F40865E27DA6418F77DA28077D3

File PE Metadata
Compilation timestamp:
4/11/2015 9:34:41 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
393216:IK67FwwxFPxcPRaJKSbrUATcLlXQ5b78qPVz+tm32gw3:IK6BwwxF5rKSbrU4/8qPVz+tmGgo

Entry address:
0x73C50B

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 84, A1, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, A3, 78, 80, DB, 10, 5D, C3, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A1, DC, D7, CE, 10, 33, C5, 89, 45, FC, 53, 8B, 5D, 08, 57, 83, FB, FF, 74, 07, 53, E8, D8, A1, 00, 00, 59, 83, A5, E0, FC, FF, FF, 00, 6A, 4C, 8D, 85, E4, FC, FF, FF, 6A, 00, 50, E8, D6, A1, 00, 00, 8D, 85, E0, FC, FF, FF, 89, 85, D8, FC, FF, FF, 8D, 85, 30, FD, FF...
 
[+]

Entropy:
7.0610

Code size:
10.3 MB (10,768,384 bytes)

Remove pepflashplayer.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.