» flash_player_21.exe
Overview
Analysis
File Details
Downloads (1)

flash_player_21.exe

Express

Photodex Corporation

The executable flash_player_21.exe, “Post Exceeded Optionally Meaningfully Cyberdrive” has been detected as malware by 25 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from lalala2.jelastic.dogado.eu.

File name:

flash_player_21.exe

Publisher:

Photodex Corporation

Product:

Express

Description:

Post Exceeded Optionally Meaningfully Cyberdrive

Version:

2.4.5.8

MD5:

e49374304be75ba0b2e49de8c2619a73

SHA-1:

ff2ed078fde10b996d37bb7f15eb1577dc81f6fc

SHA-256:

dfa9c308945bda70e4c3f42e62d5e50d1c642d1646ca04298d8b5966f67f8a61

Scanner detections:

25 / 68

Status:

Malware

Analysis date:

7/8/2025 5:35:51 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.2764364

375

Agnitum Outpost

Trojan.Yakes

7.1.1

Avira AntiVirus

TR/AD.Injector.M.109

8.3.2.2

Arcabit

Trojan.Generic.D2A2E4C

1.0.0.576

avast!

Win32:Malware-gen

2014.9-160126

AVG

Crypt5

2017.0.2853

Bitdefender

Trojan.GenericKD.2764364

1.0.20.130

Bkav FE

HW32.Packed

1.3.0.7237

Emsisoft Anti-Malware

Trojan.GenericKD.2764364

8.16.01.26.02

ESET NOD32

Win32/Kryptik.DYGF (variant)

10.12372

Fortinet FortiGate

W32/Yakes.DYGF!tr

1/26/2016

F-Secure

Trojan.GenericKD.2764364

11.2016-26-01_3

G Data

Trojan.GenericKD.2764364

16.1.25

IKARUS anti.virus

Trojan.Win32.Crypt

t3scan.1.9.5.0

K7 AntiVirus

Trojan

13.210.17460

Kaspersky

Trojan.Win32.Yakes

14.0.0.760

Malwarebytes

Spyware.Pony

v2016.01.26.02

McAfee

RDN/Generic.dx

5600.6509

MicroWorld eScan

Trojan.GenericKD.2764364

17.0.0.78

NANO AntiVirus

Trojan.Win32.Yakes.dxphql

0.30.26.3947

nProtect

Trojan.GenericKD.2764364

15.10.07.01

Panda Antivirus

Generic Suspicious

16.01.26.02

Qihoo 360 Security

HEUR/QVM10.1.Malware.Gen

1.0.0.1015

Sophos

Mal/Generic-S

4.98

VIPRE Antivirus

Trojan.Win32.Generic

44360

File size:

941.5 KB (964,096 bytes)

Product version:

2.4.5.8

Trademarks:

Original file name:

Express

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\flash_player_21.exe

File PE Metadata

Compilation timestamp:

9/23/2015 5:25:46 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

24576:QvwHLh0t5iyVlHdjYEAm21F+eN/FAAx3aM5E+Qf7lT7G6zS:Qsh0t5iyVl9jvA51Yk/FRKMyFf7lTPe

Entry address:

0x6216

Entry point:

E8, C2, 4A, 00, 00, E9, 89, FE, FF, FF, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3, 8D, 41, FE, 8B, 4C, 24, 04, 2B, C1... 
[+]

Code size:

61.5 KB (62,976 bytes)

The file flash_player_21.exe has been seen being distributed by the following URL.

https://lalala2.jelastic.dogado.eu/Flash_Player_21.exe

Remove flash_player_21.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.