» flashplayerupdateservice.exe
Overview
Analysis
File Details
Behaviors (1)

flashplayerupdateservice.exe

Adobe Flash Player Update Service

The executable flashplayerupdateservice.exe, “Adobe® Flash® Player Update Service 25.0 r0” has been detected as malware by 3 anti-virus scanners. It runs as a scheduled task under the Windows Task Scheduler triggered daily at a specified time.

File name:

Publisher:

Adobe Systems Incorporated* (Invalid match)

Product:

Adobe® Flash® Player Update Service

Description:

Adobe® Flash® Player Update Service 25.0 r0

Version:

25,0,0,127

MD5:

6d41661767086b9796c405b06082ae68

SHA-1:

6dc5a160f5adf158bdcdc6673f513e149ddca5f6

SHA-256:

c4440a9a08989bb57246ed5a847bfeee459bcd6e17bc3ef4733210cf9a87141b

Scanner detections:

3 / 68

Status:

Malware

Analysis date:

5/3/2024 1:54:42 AM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:Xpirat

160917-0

Dr.Web

Win32.Expiro.80

9.0.1.05190

F-Prot

New or modified Expiro

4.6.5.141

File size:

841 KB (861,184 bytes)

Product version:

25,0,0,127

Trademarks:

Adobe® Flash® Player

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe

File PE Metadata

Compilation timestamp:

3/1/2017 4:01:44 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

9.0

Entry address:

0x17AA2

Entry point:

60, 55, 89, E5, 81, EC, 08, 01, 00, 00, C7, 45, EC, 06, 00, 00, 00, C7, 45, F4, 04, 00, 00, 00, 83, 65, F8, 00, 8B, 45, EC, 83, E8, 06, 89, 45, F0, C7, 45, B8, BA, 35, 00, 00, C7, 45, E8, AE, B7, CA, 0E, B8, 45, 01, 00, 00, F7, 65, B8, 89, 45, 90, 89, 45, F8, C7, 45, F0, 15, 39, 00, 00, 81, 45, F0, D7, 44, 00, 00, 81, 45, F0, 14, 3A, 03, 00, 8B, 45, F4, 03, 45, EC, 83, E8, 0A, 89, 45, C4, 81, 45, F8, 8E, 13, 00, 00, FF, 4D, E8, C7, 45, E4, 1A, 12, 00, 00, 8B, 45, E4, 29, 45, F8, C7, 45, DC, B0, 4C, 44, 00... 
[+]

Entropy:

7.2591

Code size:

183.5 KB (187,904 bytes)

Scheduled Task

Task name:

Adobe Flash Player Updater

Trigger:

Daily (Runs daily at 05:00:00 PM)

Description:

This task keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes. If this task is disabled or removed,

Remove flashplayerupdateservice.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.