adobe_flash_player.exe

The executable adobe_flash_player.exe has been detected as malware by 2 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from spideroak.com.
MD5:
6c1faa732c33bcb7d32dc56910e88de7

SHA-1:
a7fe6cba252105fc44a2a49990c917887e4f6508

SHA-256:
d3024f614e7d464bb8de583363e76b9982af7c256dc127080acafe486cfcf86d

Scanner detections:
2 / 68

Status:
Malware

Analysis date:
12/28/2024 12:00:22 PM UTC

Scan engine | Detection | Engine version
ESET NOD32 | Win32/TrojanDownloader.Banload.WTY trojan | 8.0.319.0
Microsoft Security Essentials | Threat.Undefined | 1.215.1327.0

File size:
393 KB (402,432 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\adobe_flash_player.exe

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
6144:0JEvoOEBti2HPSgo6KTWwhQPULAvhZUBxf34HGx8VGCJD6IS3cHK8/iqWLHEPzbJ:pfoH71UNG6w7+133VWpLl

Entry address:
0x54060

Entry point:
55, 8B, EC, 83, C4, F0, B8, 58, 3E, F7, 07, E8, 90, 21, FB, FF, A1, D4, 64, F7, 07, 8B, 00, E8, 68, 9B, FF, FF, A1, D4, 64, F7, 07, 8B, 00, C6, 40, 5B, 00, 8B, 0D, 10, 66, F7, 07, A1, D4, 64, F7, 07, 8B, 00, 8B, 15, F4, 35, F7, 07, E8, 5D, 9B, FF, FF, A1, D4, 64, F7, 07, 8B, 00, E8, D1, 9B, FF, FF, E8, A8, 02, FB, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
332.5 KB (340,480 bytes)

The file adobe_flash_player.exe has been seen being distributed by the following URL.
