home

SwFlsh32.exe

Shockwave Flash

Macromedia, Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from squaal.free.fr.
Publisher:
Macromedia, Inc.

Product:
Shockwave Flash

Description:
Shockwave Flash 3.0 r8

Version:
3, 0, 8, 0

MD5:
8c5c9499e5bf2515b46ad201e8340748

SHA-1:
df382e06b0b50420b6d63240efe0681998fa8dfb

SHA-256:
101bcf563ebe0e8ef4f0a63513614791b3c306c10f8382416276992a85dd63b1

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/24/2024 3:02:27 AM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.Pedka
1.3.0.4261

File size:
709.2 KB (726,251 bytes)

Product version:
3, 0, 8, 0

Copyright:
Copyright (c) Macromedia, Inc. 1996-97

Original file name:
SwFlsh32.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\swflsh32.exe

File PE Metadata
Compilation timestamp:
4/21/1998 2:30:05 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
12288:Lgr0MwfI3T6d+7FuMPGapENWgN8aAVwpzf2xZwOjr/R6EZLWGX+Yk7t5wEPGIjOL:r2TMzc4xIOGIjOKCx

Entry address:
0x3973

Entry point:
55, 8B, EC, 83, EC, 44, 56, FF, 15, 94, 13, 42, 00, 8B, F0, B1, 22, 8A, 06, 3A, C1, 75, 13, 8A, 46, 01, 46, 3A, C1, 74, 04, 84, C0, 75, F4, 38, 0E, 75, 0D, 46, EB, 0A, 3C, 20, 7E, 06, 46, 80, 3E, 20, 7F, FA, 8A, 06, 84, C0, 74, 07, 3C, 20, 7F, 03, 46, EB, F3, 83, 65, E8, 00, 8D, 45, BC, 50, FF, 15, 98, 13, 42, 00, F6, 45, E8, 01, 74, 06, 0F, B7, 45, EC, EB, 03, 6A, 0A, 58, 50, 56, 6A, 00, 6A, 00, FF, 15, 48, 13, 42, 00, 50, E8, 0A, 00, 00, 00, 50, FF, 15, 44, 13, 42, 00, 5E, C9, C3, 55, 8B, EC, 81, EC, 24...
 
[+]

Entropy:
7.7276

Developed / compiled with:
Microsoft Visual C++

Code size:
108.5 KB (111,104 bytes)

The file SwFlsh32.exe has been discovered within the following program.

Eudora  by QUALCOMM Incorporated
Eudora is an email client that supports the POP3, IMAP and SMTP protocols. The original version is no longer in developement, there is an open-source version available.
www.eudora.com
About 1% of users remove it
 
Powered by Should I Remove It?

The file SwFlsh32.exe has been seen being distributed by the following URL.

http://squaal.free.fr/.../the_four.exe

Scan SwFlsh32.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.