» adobe flash player install x32-x64.exe
Overview
Analysis
File Details
Downloads (1)

adobe flash player install x32-x64.exe

Sunny Player

The executable adobe flash player install x32-x64.exe has been detected as malware by 32 anti-virus scanners. The file has been seen being downloaded from siparisodemesi.com.

File name:

Publisher:

Microsoft* (Invalid match)

Product:

Sunny Player

Version:

1.0.0.0

MD5:

8a23b0e11e18a0103564eb246e85a440

SHA-1:

4aa8d75eb06c4eadfb3a4dde3a6dacd54457d78f

SHA-256:

32ebc4138e66410254f0c45c8e158d7ceb0dc630d21b94b221a9651fbe39dc24

Scanner detections:

32 / 68

Status:

Malware

Analysis date:

11/5/2024 10:43:48 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.490583

362

Agnitum Outpost

Trojan.Agent

7.1.1

AhnLab V3 Security

Malware/Win32.Generic

2015.04.10

Avira AntiVirus

TR/ExtenBro.36352

3.6.1.96

avast!

Win32:Malware-gen

2014.9-160208

AVG

MSIL5

2017.0.2840

Baidu Antivirus

Trojan.MSIL.ExtenBro

4.0.3.1628

Bitdefender

Gen:Variant.Kazy.490583

1.0.20.195

Comodo Security

UnclassifiedMalware

21705

Dr.Web

Trojan.DownLoader11.40897

9.0.1.039

Emsisoft Anti-Malware

Gen:Variant.Kazy.490583

8.16.02.08.06

ESET NOD32

MSIL/ExtenBro.AA (variant)

10.11449

Fortinet FortiGate

MSIL/ExtenBro.Y!tr

2/8/2016

F-Secure

Trojan:W32/Kilim.AG

11.2016-08-02_2

G Data

Gen:Variant.Kazy.490583

16.2.25

IKARUS anti.virus

Trojan.MSIL.ExtenBro

t3scan.1.8.9.0

K7 AntiVirus

Trojan

13.202.15544

Kaspersky

Trojan.MSIL.Agent

14.0.0.694

Malwarebytes

Trojan.MSIL

v2016.02.08.06

McAfee

Artemis!8A23B0E11E18

5600.6496

Microsoft Security Essentials

Trojan:MSIL/Kilim.F

1.1.11502.0

MicroWorld eScan

Gen:Variant.Kazy.490583

17.0.0.117

NANO AntiVirus

Trojan.Win32.Agent.doaoht

0.30.10.952

Norman

Troj_Generic.YBMXG

11.20160208

Panda Antivirus

Trj/CI.A

16.02.08.06

Qihoo 360 Security

HEUR/QVM03.0.Malware.Gen

1.0.0.1015

Quick Heal

Trojan.Kilim.F4

2.16.14.00

Sophos

Mal/MSIL-LX

4.98

Trend Micro House Call

TROJ_GEN.R03HC0DLV14

7.2.39

Trend Micro

TROJ_GEN.R03HC0DLV14

10.465.08

Vba32 AntiVirus

Trojan.MSIL.Agent

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Generic

39194

File size:

35.5 KB (36,352 bytes)

Product version:

1.0.0.0

Original file name:

Sunny Player.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\adobe flash player install x32-x64.exe

File PE Metadata

Compilation timestamp:

11/6/2014 9:06:06 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

768:ePRP/Kx+/qF+q71bPhnpwY9VSTvPrMSnGF:ePRP/Kx+/xq71bP596MSG

Entry address:

0x60DE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.3165

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

16.5 KB (16,896 bytes)

The file adobe flash player install x32-x64.exe has been seen being distributed by the following URL.

http://siparisodemesi.com/.../adobe.html

Remove adobe flash player install x32-x64.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.