adobe_flash_player-36242406.exe

The application adobe_flash_player-36242406.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from intva31.onlineintercept.info.
MD5:
84311e779ad7a6a4ede9b45acb67528e

SHA-1:
2bf1484eaee3d79c7ff5c004a1c1f6bce5d458e8

SHA-256:
19162913a8511c40f3f3707d0f47a7f62340922bd6d1c63da784346a6296e8b5

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 8:32:21 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.DownloadAdmin.ZenBrosM

Engine version:
16.5.17.23

File size:
450.2 KB (461,046 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
3.0

CTPH (ssdeep):
12288:/ThKd6hIaNYLNcYM4+Q3sMnMbI7cRFUJ6DNF99GI0:/VKd62AYJcYM4+Q3sMMbIIRFUJ6DNF9Y

Entry address:
0x4C6E0

Entry point:
C6, 05, 70, D2, 44, 00, 00, B9, 00, 00, 46, 00, BA, 04, 00, 46, 00, B8, B0, F6, 44, 00, E8, 65, FF, FF, FF, E8, 70, FF, FF, FF, B8, 90, F6, 44, 00, E8, 16, 4B, FC, FF, C3, 00, 00, 00, 00, 00, FF, FF, FF, FF, 00, 00, 00, 00, FF, FF, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Code size:
301.8 KB (309,024 bytes)

The file adobe_flash_player-36242406.exe has been seen being distributed by the following URL.
