adobe flash player.exe

flash setup

Digital Zones

The application adobe flash player.exe by Digital Zones has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from update2now.upalways.site and multiple other hosts.
Publisher:
Digital Zones  (signed and verified)

Product:
flash setup

Version:
1.0.0.0

MD5:
d8f10ed610be51e7ab1bc112a4cb3c92

SHA-1:
d5e9b27d93b467b1bfb558ebb80e4b71ec5b4915

SHA-256:
fa0c4e728d969088f12e5c69afbfbe35c42f82d969c4a6717443e48fe28d6f74

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 9:24:25 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.DigitalZ.Installer (M)
16.6.10.15

File size:
152.6 KB (156,240 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2016

Original file name:
Flash.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\adobe flash player.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
3/27/2016 8:00:00 PM

Valid to:
3/28/2017 7:59:59 PM

Subject:
CN=Digital Zones, OU=Digital Zone, O=Digital Zones, STREET="ul. Akademika Koroleva, d. 9 korp. 5", L=Moscow, S=Moscow, PostalCode=129515, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
07775D7C7B8C20E915DD534EA4F8DB84

File PE Metadata
Compilation timestamp:
6/10/2016 8:00:49 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:ArY2fnJttMUeTkHHRAzQ4IbLHhxy/jJdurUh1T/WLwXF96:FQEQ7hxyLur+YWFo

Entry address:
0x39CE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, A8, 00, 00, 80, 10, 00, 00, 00, C0, 00, 00, 80, 18, 00, 00, 00, D8, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 0D, 00, 02, 00, 00, 00, F0, 00, 00, 80, 03, 00, 00, 00, 08, 01...
 
[+]

Entropy:
6.2175

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
6.5 KB (6,656 bytes)

The file adobe flash player.exe has been seen being distributed by the following 50 URLs.

http://update2now.upalways.site/dl.php?ghr=qThOFu-ZogJR5BPy4wAWiblETJBmXOOb2PnKgHwtfJY.&cid=178154382577&sid=598510&uuid=a56bcc0c-561c-4150-94c9-a69b7d060973&conversion_id=14660946402911&app_id=4&lp_id=1602&v=tribat&stub_id=305&v_id=qWKXSoR7BtkW6ojdoYftnxxrHmcfz1aRQUQL4Ux-9zE.&lpp=*-*-*

http://alwaysup.newsoft247.xyz/dl.php?pcl=PYkNL5sAbbSY2HkOPtV-iwf0byznXlsU9d4ffMIl7dA.&cid=77586868f09a1da1b616359e2d18c72a-8148&sub=2017&conversion_id=14662563458988&app_id=10&lp_id=1327&v=tribat&stub_id=305&v_id=MFA5z3RylDDNAWEPRLIhFPy_hbL77wgGuaGBIzfrNtc.&lpp=w*-ch*-*

http://updatenew.soft-videosystem.xyz/dl.php?gfsd=qThOFu-ZogJR5BPy4wAWiblETJBmXOOb2PnKgHwtfJY.&cid=178788146836&sid=620061&conversion_id=14662137813635&app_id=4&lp_id=1713&v=tribat&stub_id=305&v_id=ZctjOGMdkZzsnkTw6kU7T_J_36O_chi89lVWzb1zb9U.&lpp=*-*-*

http://24pcupgrade.newsoft2updates.xyz/dl.php?pcl=qThOFu-ZogJR5BPy4wAWiblETJBmXOOb2PnKgHwtfJY.&cid=178368342325&sid=119133&uuid=94ee0ce5-c555-4249-bc63-34f4fcb3418e&conversion_id=14661336829114&app_id=4&lp_id=1713&v=tribat&stub_id=305&v_id=CcQ45MqgmZcBTDfZ5G9dRKoOcSYoTEAPMTxbtiBqvsE.&lpp=*-*-*

http://24pcupgrade.upalways.online/dl.php?hfg=qThOFu-ZogJR5BPy4wAWiblETJBmXOOb2PnKgHwtfJY.&cid=177501712226&sid=10802&uuid=51540bb0-8717-4730-9705-31662843fdba&conversion_id=14659557141158&app_id=4&lp_id=1713&v=tribat&stub_id=305&v_id=ALZqlgzE9ewCmjuCsF_qXzPfGpf3EV8HQD3coqJgSmQ.&lpp=*-*-*

http://ready4newsoft.systemsafeupdater.xyz/dl.php?tfyh=1ereJk3NHQ7y1fSiC174L3LbnJLmvWtZsxfHTKhBgOE.&cid=IfrbtffsSvJ6a6DkGOmF3MbJQebR47HJ8xWCGkZt8qAM1VrDLBTeo80IYfYCvNiY2GAxP5EKNQBkMijTV07dekuMIkP_rNIv0kYiwQmYpr0hkd86cqiRu6vLqnNN9gsKdjiKjK3iSOKK7onLmdsy_IpHokR6vU8AKCIicuAYPdylgf_82VT5axFDaLSt5RtkYl9OCcfmKC0vfF4Zr-04UDtlYu9M_8HP3r4urURe-n61XWk-I6C43xtCbOBMUoEhkI0QeLhiile7i6z1NDTXs7VusTExjpMiX1EeY1-q2NRfOHjCbB9tgKqAGfHNizVPY0wmfvqKhyYK66kRbrtQqS0g2EBAelO2mGMZpkoicpYqjan6ed7181KgIBk8yXV_IfDM67MagOGhsvskjh5nJ6naA-z2apaqSKDaxyx6Z7Bt4XPb6FtyQTo8JEmWIhuAkWL4MxxPAAbVXb7NOrL-cqOsAfNOdd7En5TFC-eWWNmZtSwiDRof0mGKmV8TeV3rJpEupNjySE_RpLSX&conversion_id=14663032813333&app_id=63&lp_id=1538&v=tribat&stub_id=305&v_id=X-7k9xwZro4KVs82Daw1fzDnWmu1ZiwBDqAEmoHfea4.&lpp=*-*-*

http://update2check.preparevideo.online/dl.php?jjyku=77deZ9ytTUfDK9ybbPj7JUAiyis6526CQXP81ZAsQww.&cid=11740231331466385510&pubid=1019954-2367533627-0&conversion_id=14663855178337&app_id=4&lp_id=1550&v=tribat&stub_id=305&v_id=piQHgz0uzajC9aQawurTlLcmZ7YRO82M4PV6Exz1m9g.&lpp=w10*-*-*

http://newalways.testpconly12.tech/dl.php?dfgh=1ereJk3NHQ7y1fSiC174L3LbnJLmvWtZsxfHTKhBgOE.&cid=d01vZ9Pnkcr4Ylr6NgFt3Rlj0DjU2K4XTfD88nLznfvM49J27-4xbyGnOdLbSLdKVCZwFtWWZ0HtTIvHzRh13VbrKAK1CkC-pjl8Nb8PYOmirIrw7I1Ph1xg2BP7UJiV7V4OB-zhZTWHkcRnZ137qav-XO_1N2m2e_PcK8rnwOUBayFvWfuiDAoM-j0CP_5kJITxg6RylFWROV8L0QtaCLTC-kVrnDLqT1DXVxysaOM9axhicar-5BxxiVAbaEwIJGq3MDHNBerC602CYOcdEXfmlGNzji_X9A04KqISiLbfK6picSKc2YvVHaYGUIBh9lBdsvwXdnqobMNm1cw1RkTH0N4vOt0RZaF0fPXfpKsg35i-T62ulzZ4sofqS8xcQR7cwo-U0MuMW62tcrWq2d_JhEJ6WrAVEBFp9MxtPdMwPqEsO7DLHQgQGG6qpbY&conversion_id=14657533875987&app_id=63&lp_id=522&v=tribat&stub_id=305&v_id=YENBNlz_jbkb2GhgDW900LwVuO9bnGNwyIu0F94R45k.&lpp=*-*-*

http://getnewsoft.updateauto.space/dl.php?fgtfh=sZ389YkD9q7ClzkfR13ndHCAqt0NQuUG9O9SRwTym00.&cid=15899996551466021101&conversion_id=14660211042405&app_id=4&lp_id=1543&v=tribat&stub_id=305&v_id=EHg-rb76BDAxcGd3Rp_2soGKybE4GCdw5wweZTmH2TM.&lpp=*-*-*

http://pc4maintainance.setupupgrade12.site/dl.php?fg=HbI8PZesB2uzf13vvEFBoUX5NGqibPflTStP7fu8ZXU.&cid=P23P38R4656790092123751925&sub=4484&conversion_id=14656790096746&app_id=4&lp_id=1666&v=tribat&stub_id=305&v_id=r_UTHjWW40E1OsY-CheS2Or-cqEE2OhQd6nMV2QZVFA.&lpp=*-*-*

http://whenupgrade.set4updatenew.top/dl.php?fgfdh=zUaC-k-8muwy5-ig5j3-_kjeEtxi8iJbfOtMYQrCC6Q.&cid=515636&sub=11102&conversion_id=14659669503366&app_id=4&lp_id=1663&v=tribat&stub_id=305&v_id=s99NdRDLeOp06eo_yZHBWU6iUW63taCKmSCheuml40k.&lpp=w10*-*-*

http://alwaysup.testpconly12.site/dl.php?gfh=ygNaedMdxdlRZ3X0_thUVxhrlW-bmOvkR9g913Vxt3o.&cid=1026ae229ff38e7b456edf7087efae&sid=1012&conversion_id=14658634696706&app_id=4&lp_id=1542&v=tribat&stub_id=305&v_id=xs56i2j1m-ODyMYec3mUb_l0xST5sX9wBwsx8qZ0Fh0.&lpp=*-*-*

http://12updatenew.softready.top/dl.php?hfg=mP871COYRusRRgwAjcGuzSUmvqKqNvNWyy7Eu3cyhYQ.&cid=6122_7719938966_hHkII&conversion_id=14657793129937&app_id=4&lp_id=1613&v=tribat&stub_id=305&v_id=psfVII1WMTJPeIz0cteea-gojSEngyp4Uo6nhQLbBFA.&lpp=*-*-*

http://upgrade12check.testupgrade.xyz/dl.php?ghfji=qThOFu-ZogJR5BPy4wAWiblETJBmXOOb2PnKgHwtfJY.&cid=177927526946&sid=451470&uuid=535d173d-316b-40ac-8aa3-325e2c7c985d&conversion_id=14660457911968&app_id=4&lp_id=1602&v=tribat&stub_id=305&v_id=jzELwomyHi4YS0DK3LMFFk8MlBy8k5CyBKGmQbfGsp8.&lpp=*-*-*

http://testpc24.soft-videosystem.top/dl.php?fghrd=qThOFu-ZogJR5BPy4wAWiblETJBmXOOb2PnKgHwtfJY.&cid=178813881515&sid=366832&conversion_id=14662182783984&app_id=4&lp_id=1575&v=tribat&stub_id=305&v_id=-zGWdpoGa31glKvFYolxJLoiMMN0tO0BluQOfo-nX8Q.&lpp=*-*-*

http://24pccheck.secure-updates.xyz/dl.php?fdhgj=1ereJk3NHQ7y1fSiC174L3LbnJLmvWtZsxfHTKhBgOE.&cid=RRBi6_7Rdw8p28KBbx0NC9DSpj4ixb4c_yPN89JfzxiF_vhgjt6honcpWk-NSaj6-OM_NncqNWtaSM9OYpAyfG356thiTdG18cYm7NAVjrtnJ-_kmiOJKCSYWQNpfM95UFDbiiC3UaBAeb3PNnAy4XOtMwZs87M0DOqmdjsB8gcMVkX9V_X8Yi11KT3HfjTmHWM79a66cSEvDY1qJgPJn4eG0yQajOduRJ_fJydDk_R-bJ-ohBdXGpG43PgkJB7BfUiibEL9VF8oxr15f3bQNO_Cc84TqDCTg3hFj00WS23fllQuXTaK-vNVa5p3xgdMnFh9cDRhNniTuoQ39P0OYlOZuMzbhLzahVsKUEuJaEKrO0Aup7wCmh1LR7Ac-4W9L1ojr9tWYGCf1-TgsQCLeKLBAdi3tiXhrsCQ8_V-6mR0B85G1SJbfVlQgoKiMxGA4s4feY5hSwdLWupuJjoC3RdxdFH5WJtVhahzICML&conversion_id=14664407173728&app_id=63&lp_id=1538&v=tribat&stub_id=305&v_id=j8yJbSu3g44bI52C_knvOPn17m1MsLE189hg4_E1mI4.&lpp=*-*-*

http://installworking.nowup4time.website/dl.php?dsaff=1ereJk3NHQ7y1fSiC174L3LbnJLmvWtZsxfHTKhBgOE.&cid=mUXmssvwHYVYaV60bTGwoSz_JhC0NQMJVaEnG8e1a-04K6tWDqgZ6YEsma1QZGiGZlzzo1UqZBrUZNgN9zdSyXUVtf5F3dxtCGhLZpujJ8aPjja-cW5eGCF086XMRXeb0E6uQZfWlozfiasvBpDQN-TIC2cyN2mysq96RlNp2oNn5FQUFSOvbHrdjhVKilMjhpvB9VZH95dKxWXTC2QV-WygVNrojzp_awTDNDd4fvfHbLlbPFMhp9mcLPHw-KBcArX3ZDvCw20enoI_VBDA0wsqH68x58qmu4F9Ke047jH7zkBX8WzvpbLJgaFlidm1RJuF6hMnPu3vL5caw0-Ky1pFEF1_3UXdLlQCmAQDl_bTGYqQj5bD9RL1lW2vLdhj1BSLoo388oPZ3Q71DIqFGGhh5actOnvxspuvDrdSILbftVZr-4nTfyeVehvfrdQL3G8WWaAMIVHupEw2pPzqxc3gukb5xuz7gO2x9KG8qkrK2_AIe3RnXA&conversion_id=14663975372427&app_id=63&lp_id=1538&v=tribat&stub_id=305&v_id=IpNBHeOnoRfBciYPyFLRdmziPNBLk8Fo2aVc8jJrxWI.&lpp=*-*-*

http://upgrade12check.testupgrade.xyz/dl.php?ghfji=qThOFu-ZogJR5BPy4wAWiblETJBmXOOb2PnKgHwtfJY.&cid=177924608626&sid=659167&uuid=74c8c991-caa9-422b-bf96-f41bdf7913c5&conversion_id=14660451558310&app_id=4&lp_id=1713&v=tribat&stub_id=305&v_id=NBGX5JzBNI8x_3CKT53pUV0X0IDajUSImCQ1wIi7vR0.&lpp=*-*-*

http://24newsoft.video-players4u.xyz/dl.php?pcl=qThOFu-ZogJR5BPy4wAWiblETJBmXOOb2PnKgHwtfJY.&cid=179251639327&sid=366832&conversion_id=14662990087192&app_id=4&lp_id=1713&v=tribat&stub_id=305&v_id=JDOTWBZoUoewlVZqLkAiNgYW7_2cI3AQqRRvxGE-pp4.&lpp=*-*-*

http://alwaysup.testpconly12.site/dl.php?gfh=ygNaedMdxdlRZ3X0_thUVxhrlW-bmOvkR9g913Vxt3o.&cid=102453a3921237657d41a6cf3e1f00&sid=1012&conversion_id=14658763422940&app_id=4&lp_id=1542&v=tribat&stub_id=305&v_id=2DUOotZkZQ3GJpIq7q3LVR24Gg2eD7OnN7f_WNQnBEU.&lpp=*-*-*

http://24pcupgrade.newsoft2updates.xyz/dl.php?pcl=qThOFu-ZogJR5BPy4wAWiblETJBmXOOb2PnKgHwtfJY.&cid=178364221947&sid=497039&uuid=ab28a4b5-b0fc-46aa-a78c-277f791ce915&conversion_id=14661334719983&app_id=4&lp_id=1713&v=tribat&stub_id=305&v_id=5SCpJ3TTlXio3DDFPl7dXCIiPbLJdgdPIrlQwIAyIHA.&lpp=*-*-*

http://12updatenew.best4upgrade.xyz/dl.php?pcl=qThOFu-ZogJR5BPy4wAWiblETJBmXOOb2PnKgHwtfJY.&cid=179796646985&sid=622328&conversion_id=14663958137575&app_id=4&lp_id=1602&v=tribat&stub_id=305&v_id=Pl8YJ-73vTS2Pva-hF2t1utEdQmpGHRKCOcm9hGiwfE.&lpp=*-*-*

http://nowinstallupgrade.set4updatenewest.tech/dl.php?pcl=qThOFu-ZogJR5BPy4wAWiblETJBmXOOb2PnKgHwtfJY.&cid=178295309967&sid=366832&uuid=a9af59b8-2ab2-4198-be13-d99ee7cbfaf2&conversion_id=14661197446425&app_id=4&lp_id=1602&v=tribat&stub_id=305&v_id=TwTIMxp7PK6Lnif8twsob_IMrv2qPyMjeV_I8HJm0_c.&lpp=*-*-*

http://update.adsoftwares4you.site/dl.php?cdcv=Lp7VeWAEDf9s57jtwii4oIINVuWb84pCCfZ74or9u2I.&cid=3Oc4_g_8tcT6gtJzJuGkfd1biP-WzvB0KpurNvdIeBFsH_O6TYpkrhszieJicjX1nGPQ1QfcXQihcsZ8C63Le5ae53N3gkXey739vBgs9MAsgld_RalVzo4R69Dch3PdbiYkWMsNrNIq95ZUCjUpeIt9dcDJ9f3Cuyw1tVSfFabajeZTk_iwoC8XUF6_geKJDZ73S3QDWJDyyui_9k-cWaRREmrVGXYd0ObStfLtMWj649MqHaUrntXE6D8ybvD1-mVKso9mCPAp8j4B-oKZDzNJ3Q22atqmevYbderNmf1E2ogt8NX6HMcYXOSmZIOcBb6K2IaCt0SXnUeeVcwBZi-9S3XlX4qNky2H8q6dOv-h5gZMtyUFQN2ujQ31oeWUOxALkqE9X133KoNLASZmv3n0OyLFG0C8VElpXaaduNeaKmFwPEMvv4smyU7Tnnc_ZKGx92XNxqlBlVs2EMzkRW8Z4DHkaFbXa7W5xeJ227ZWPL3EKZ6W1lt-&conversion_id=14657896040079&app_id=4&lp_id=1675&v=tribat&stub_id=305&v_id=NFezulperFXyIkKjzpk9iTlzpu5QHrnHFZdR_NreieY.&lpp=*-*-*

http://12updatenew.best4upgrade.xyz/dl.php?pcl=qThOFu-ZogJR5BPy4wAWiblETJBmXOOb2PnKgHwtfJY.&cid=179742703346&sid=462464&2=&conversion_id=14663864903003&app_id=4&lp_id=1602&v=tribat&stub_id=305&v_id=xN0qT2K2r45CAqQlWd3SPsa77eZeRFvg_EuqSpOuCQc.&lpp=*-*-*

http://softreadynow.upgradelive.top/dl.php?hdgf=qThOFu-ZogJR5BPy4wAWiblETJBmXOOb2PnKgHwtfJY.&cid=178457773015&sid=640102&uuid=1cf4f831-c1cf-474b-b368-86185ab5f625&conversion_id=14661537747012&app_id=4&lp_id=1602&v=tribat&stub_id=305&v_id=JpKebwc62u4LuyaQxc8CXnt1apioV31e2QE_5G8oJm4.&lpp=*-*-*

http://setupnow.testpc24.club/dl.php?fdf=bFRb5DxiSdzBNQInAYVPvTSMb9ZiNY3gSXn9urPHnJU.&cid=13187919811466211353&SUB_ID=976456-1443534555-95638688&conversion_id=14662113548127&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=c0I078CdWRN8UjTeXgG-LqN0u9QKnYTVfpZ-kUkdJAA.&lpp=*-*-*

http://newsoft24.update2.xyz/dl.php?pcl=qThOFu-ZogJR5BPy4wAWiblETJBmXOOb2PnKgHwtfJY.&cid=179656419108&sid=38411&conversion_id=14663713203788&app_id=4&lp_id=1602&v=tribat&stub_id=305&v_id=UxALXDp07Ss3OB-OUdU9rM2Q1WrZHpbtQnN6rnnZ6bk.&lpp=*-*-*

http://updateauto.onlinesearching.site/dl.php?gdsfv=Lp7VeWAEDf9s57jtwii4oIINVuWb84pCCfZ74or9u2I.&cid=IQrZrlU6GXaHdgx8ftkDC5d-gvZNFZ_YpGYTlH70ySFqyXs6ZrEpK-BNF2b9ae3ZaFIwW0_YLG4dsMOouIeRJszIK-2xOJfK9JDsSKY4nOKGx1KW1G5xk94dnOnDIRUukh9qxRYy5zZOQ7vUyex0-rk6G86s0OyFQz4ZbEExSsiMt7TjY2sHlrNMiUkV9s0A5fyqeujqp9Nj9D46q3T8n8oPHMSi1y4JdlN_MIqHddBHUAKPvXeyDjaMVNgfWQ67QTwQquRk5h3fNspkPm6xWfLLW18i4BMm3G6lWZWI6e6P5s1NuqZ6VJ6jOEO4uNe4v56AfCno6tx_QIyGxpoi6CVq4hNa1rPDjYSzHcuUXI2wt4w2R1l0Luant7KcYNkIwUyaaF7ZezbKNT3wiNnGv_S8i0_XbEVh1AnouVBd7KMo_WtOyVtnnAqhdUwva7IYPcRe_jKrShz45gW--LByLWhd0ag4YWsYhEK0r246zuzcHL5CQECaIuzkkzSk3Q&conversion_id=14664490379660&app_id=4&lp_id=1666&v=tribat&stub_id=305&v_id=Om89v_jvJdFggg03G2WtIE6B9wLi1r9QweragU814ng.&lpp=*-*-*

http://ask24update.updatebest.tech/dl.php?hfggf=qThOFu-ZogJR5BPy4wAWiblETJBmXOOb2PnKgHwtfJY.&cid=179568996718&sid=598510&conversion_id=14663578816798&app_id=4&lp_id=1602&v=tribat&stub_id=305&v_id=rNZSh_KZZ1molgdPBaopKznnRJ0U7eCmZ2yyXo0OzAw.&lpp=*-*-*

Latest 30 of 581 download URLs

Remove adobe flash player.exe - Powered by Reason Core Security