adobe_flash_setup.exe

flash setup

OOO ELEKTRO-KOD

The application adobe_flash_setup.exe by OOO ELEKTRO-KOD has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from setupupgrade.soft-video.website and multiple other hosts.
Publisher:
OOO ELEKTRO-KOD  (signed and verified)

Product:
flash setup

Version:
1.0.0.0

MD5:
70439767af6b4d239792eb5ac3e743e4

SHA-1:
3ac473dbe0656f3ecb7f98eb8d99fd93a68d2ddc

SHA-256:
7e69db0286a9df2595158276a5c112dac96acc095e97c90cc8a36c827f22c813

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 5:33:27 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.OOOELEKT.Installer (M)

Engine version:
16.4.19.9

File size:
186.6 KB (191,056 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2016

Original file name:
Flash.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Documents and Settings\{user}\My documents\downloads\adobe_flash_setup.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
6/8/2015 12:00:00 AM

Valid to:
6/7/2016 11:59:59 PM

Subject:
CN=OOO ELEKTRO-KOD, O=OOO ELEKTRO-KOD, STREET="109428,GOROD MOSKVA,,,,ULITsA IBRAGIMOVA,35, 2,I KOMN.14,", L=Moscow, S=Moscow, PostalCode=109428, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D1727DFA82A3E28C73A633A65CE817E4

File PE Metadata
Compilation timestamp:
4/17/2016 1:08:46 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:tHmjgNhnnG/H+KpSq0bxtMUeTkHHRAzQ4IbLHhxy/jJdurUh1T/WLwA6FXS:tmgNhnG/H+KpEbYQUQ7hxyLur+YMFC

Entry address:
0xC1EE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, E0, 01, 00, 80, 10, 00, 00, 00, 10, 02, 00, 80, 18, 00, 00, 00, 40, 02, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 0D, 00, 02, 00, 00, 00, A8, 00, 00, 80, 03, 00, 00, 00, C0, 00, 00, 80, 04, 00, 00, 00, D8, 00, 00, 80, 05, 00, 00, 00, F0, 00, 00, 80, 06, 00, 00, 00, 08, 01, 00, 80, 07, 00, 00, 00, 20, 01...
 

Entropy:
6.3826

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
40.5 KB (41,472 bytes)

The file adobe_flash_setup.exe has been seen being distributed by the following 50 URLs.

Latest 30 of 459 download URLs
