adobe_flash_setup.exe

Digital Vei,OOO

The installer utilizes the installCore download manager which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application adobe_flash_setup.exe by Digital Vei,OOO has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer.
Publisher:
Digital Vei,OOO  (signed and verified)

MD5:
add56e9d4d979c6ca6e15ea3abdaf29d

SHA-1:
ac3f7a3979ace892aa65f2b866382abb782de9ad

SHA-256:
22fd5d3f02c00beb59856cbf73a942edd20d03ba835faacc1c3d4ade458993e9

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Description:
This is an installer which may bundle legitimate applications with offers for additional 3rd-party applications that may be unwanted by the user. While the installer contains an 'opt-out' feature, this is not set by default and is usually overlooked.

Analysis date:
12/25/2024 12:43:54 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.installCore (M)

Engine version:
17.1.3.1

File size:
94.2 KB (96,416 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore

Common path:
C:\users\{user}\downloads\adobe_flash_setup.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
4/24/2015 2:00:00 AM

Valid to:
4/24/2016 1:59:59 AM

Subject:
CN="Digital Vei,OOO", OU=Development, O="Digital Vei,OOO", STREET=ul. Bratislavskaya 21 Korp. 1, L=Moscow, S=Moscow, PostalCode=109451, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
440B7B9C6555B097200964AB9C4DE70F

File PE Metadata
Compilation timestamp:
4/28/2015 3:46:11 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0x7B01

Entry point:
E8, D0, 03, 00, 00, E9, 36, FD, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 08, D2, 40, 00, 89, 0D, 04, D2, 40, 00, 89, 15, 00, D2, 40, 00, 89, 1D, FC, D1, 40, 00, 89, 35, F8, D1, 40, 00, 89, 3D, F4, D1, 40, 00, 66, 8C, 15, 20, D2, 40, 00, 66, 8C, 0D, 14, D2, 40, 00, 66, 8C, 1D, F0, D1, 40, 00, 66, 8C, 05, EC, D1, 40, 00, 66, 8C, 25, E8, D1, 40, 00, 66, 8C, 2D, E4, D1, 40, 00, 9C, 8F, 05, 18, D2, 40, 00, 8B, 45, 00, A3, 0C, D2, 40, 00, 8B, 45, 04, A3, 10, D2, 40, 00, 8D, 45, 08, A3, 1C, D2, 40, 00, 8B...
 

Code size:
36 KB (36,864 bytes)

Remove adobe_flash_setup.exe - Powered by Reason Core Security