» adobe_flash_setup.exe
Overview
Analysis
File Details
Downloads (145)

adobe_flash_setup.exe

flash setup

Digital Vei,OOO

The installer utilizes the installCore download manager which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application adobe_flash_setup.exe by Digital Vei,OOO has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The file has been seen being downloaded from liveupgrade.freesearch4u.website and multiple other hosts.

File name:

Publisher:

Digital Vei,OOO (signed and verified)

Product:

flash setup

Version:

1.0.0.0

MD5:

9e7a2ee2da6117e3a2cd51e2e0d71af0

SHA-1:

b854ef6017cd72a45b47d8d2715a75829833f6b9

SHA-256:

404acd53fcec5687a5b12ac22af6b4d44108803eb3b3f5a695497b12284d2f4c

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

11/1/2024 3:30:24 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.installCore.DigitalV.Installer (M)

16.4.18.19

File size:

187.1 KB (191,568 bytes)

Product version:

1.0.0.0

Original file name:

Flash.exe

File type:

Executable application (Win32 EXE)

Bundler/Installer:

installCore

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\adobe_flash_setup.exe

Digital Signature

Signed by:

Digital Vei,OOO

Authority:

COMODO CA Limited

Valid from:

4/24/2015 12:00:00 AM

Valid to:

4/23/2016 11:59:59 PM

Subject:

CN="Digital Vei,OOO", OU=Development 2, O="Digital Vei,OOO", STREET=ul. Bratislavskaya 21 Korp. 1, L=Moscow, S=Moscow, PostalCode=109451, C=RU

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

0081D507B47243FED522FD7B6AA8ED0F56

File PE Metadata

Compilation timestamp:

4/16/2016 5:08:46 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

3072:HLARo1P6LTwErjUybatMUeTkHHRAzQ4IbLHhxy/jJdurUh1T/WLwA6FfX:SoP6LTwEX1bhQUQ7hxyLur+YMFv

Entry address:

0xC23E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

41 KB (41,984 bytes)

The file adobe_flash_setup.exe has been seen being distributed by the following 50 URLs.

http://liveupgrade.freesearch4u.website/dl.php?gvtr=mwK9xqzoV7CJFZFuMzUljhhSqRfSzOS0OjpXu8EpXWQ.&cid=MTA4MHw1MjEyfElOfDN8MXwxNDBfXzg3N3xjekp6KlRrUlZhazFxVlRGUFEwMTVUWHBuYWs5RVl6Tm1SR042VDBSR09GTlZOVGhOTTNkNFpraDRhbVZyY0RaTGJGSlhUMGhvVUZaSFRYbFVhMUphWkRBeFZWSlVTazlsYkVWNVZHdFNWazFyTUhsVGJYUmhVa1ZWZDFSdGNFWmxSVFZGVkZob1RsSkhkRGhOTW5ocVRsUmtiMkpYVVhwa1YwWnNaa0V-YzNWaWFXUSpNVFF3fHw&conversion_id=14611430506544&app_id=4&lp_id=1602&v=tribat&stub_id=305&v_id=na3mJ2cMin2QHkihUhr5MhIea0eKpz6eatkEl2D3V1c.&lpp=*-*-*

http://upgradeget.clickonupdate.site/dl.php?vuctr=sMBycfqvPa_0a0ERkVjxMC-GoM0nWgBAhHPkmhCmIq0.&cid=12937272181461007185&conversion_id=14610071882593&app_id=4&lp_id=1379&v=tribat&stub_id=305&v_id=XsJJ1PAoXLcYVPEMVbTJRgnYP2JokmkfqIb85F5oiRg.&lpp=*-*-*

http://soft4update.newsearch2update.site/dl.php?hdfgfh=BJWqvfdDsM3VVNs94zyiNvV0FsGZrdTJG2UwUp5pnpI.&cid=VjJ8MzA2MjJ8MjgzOTIwfDQwMTE5MXwxNDYxMzQ3ODczfGE2NDI3M2I0LTkxMmMtNDU2OC1jNTkxLThiYzMyMzQ2ZWE0MHwxMTcuMTk5LjE4Mi4xMnx8M3w4ZTJhYzY0MzM4ZDM3Njc0ZmQwMWY5YjgxNDZlZWZjZQ==&sub=2006&conversion_id=14613478762543&app_id=4&lp_id=1515&v=tribat&stub_id=305&v_id=EPbPpdFyKdIAHvLT1j3v-hXtY7pvvAwIgjcfNs4qc64.&lpp=*-*-*

http://upgrade.soft2download.website/dl.php?dfs=0ZK6LYwE9Q89ZaLgS0HdFWuVwpKYydTITyVX2MxrCbo.&cid=6945683901461088126&conversion_id=14610881302954&app_id=4&lp_id=954&v=tribat&stub_id=305&v_id=Z1hyVbKBIzjn8qxpvLL5_7GpqBqAVjsdWo1igXah9oM.&lpp=*-*-*

http://upgradepc.clickonupdate.top/dl.php?hgtd=GGV_Pu71bPhU1fj6-XpWEl_dWmYEEwvaFUfmluMZi4I.&cid=8&sid=[SUB_ID]&conversion_id=14612243834436&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=0fQFcKgvbfBWm8J27j9agnaT8IUH3g7VHJqO6L-a_Xo.&lpp=*-*-*

http://update.soft2download.website/dl.php?dfs=E8AeT_i_eNx1fVDaFVIiw5vdn2LPPK_lhvVy7iBWfEw.&cid=MzAwNyMxMjEwMiM5NzIjMjA2Njd8MjgyMzU5fFVTfDN8MXx8fHw&conversion_id=14612623771357&app_id=4&lp_id=1543&v=tribat&stub_id=305&v_id=-WGF8S8EQ_uVqq02CsCILSFpwXDMSAaT0kGx7SKCYyY.&lpp=No match

http://upgrade.soft2download.xyz/dl.php?dsfsf=ZVDFIoOsWnhVuPXYduCWR0GR5RS6waXiaGhIyH7yuxE.&cid=30068480021461031550&conversion_id=14610336476046&app_id=4&lp_id=1594&v=tribat&stub_id=305&v_id=tTfOeYBEH16MUctS_auM5VQldm3aSqkJyibn5qD2ClY.&lpp=No match

http://upgradenote.clickonupdate.xyz/dl.php?cytrd=uiDPp9eE4P6uRtw2V6VSMgRQjUwdPYOCiq2hig7_IiE.&cid=185555279042&sid=561135&conversion_id=14613484300936&app_id=4&lp_id=1569&v=tribat&stub_id=305&v_id=XZI4C_FIPXmjhr-faYlVdLFdHkQ4sGF_GNmgN0tmZgc.&lpp=*-*-*

http://update.soft2download.website/dl.php?dfs=V6ggtPSfPBnjgGPLPRg1F8RvkCX3npdk8pUvwP5LaCY.&cid=15660139051461327701&conversion_id=14613277032937&app_id=4&lp_id=1594&v=tribat&stub_id=305&v_id=lVDM51y7Mt0J1rT3CGibWXdOBGKxFT0Aey4q2U-W3vs.&lpp=*-*-*

http://setupupgrade.soft-video.website/dl.php?dfwg=3gyYySmOGJCgnf420qkn-OeEVGZVRlkn9f3J8QO71iA.&cid=10534170271461175396&conversion_id=14611753983482&app_id=4&lp_id=1550&v=tribat&stub_id=305&v_id=nWzpp-03GAmSgLgL4d5sCzGGEkfuIA42convbcKWHII.&lpp=*-*-*

http://upgradenote.clickonupdate.xyz/dl.php?cytrd=uiDPp9eE4P6uRtw2V6VSMgRQjUwdPYOCiq2hig7_IiE.&cid=174196457745&sid=561137&conversion_id=14612217296256&app_id=4&lp_id=1569&v=tribat&stub_id=305&v_id=rId5n7z-AmWZYYpQHzYGTSpEu9rFsmjlLTEGkDhoZUE.&lpp=*-*-*

http://upgrader.clickonupdate.top/dl.php?hbyvr=GGV_Pu71bPhU1fj6-XpWEl_dWmYEEwvaFUfmluMZi4I.&cid=8&sid=[SUB_ID]&conversion_id=14613508739681&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=8xJ6-PIBWOw89EPexQqaGCg5fnK6euH9-rFdb-WbK_4.&lpp=*-*-*

http://upgradeget.clickonupdate.site/dl.php?vuctr=V6ggtPSfPBnjgGPLPRg1F8RvkCX3npdk8pUvwP5LaCY.&cid=13323749151461003352&conversion_id=14610033572806&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=-NfCmoUL2R-sdTlWFRJtERCBC0KdRrfM7fIfTgP2Hek.&lpp=*-*-*

http://setupupgrade.soft-video.website/dl.php?dfwg=zo1y2Xi9PFo46XICdALWKY7Iv7iHEX4a2b2o8JXIESo.&cid=20763703091461092976&conversion_id=14610929813845&app_id=4&lp_id=1379&v=tribat&stub_id=305&v_id=hbHdPKaI684VS1FXjdgaP-PSlJqfpXoOFHdUjCWFbbQ.&lpp=*-*-*

http://upgradeget.clickonupdate.site/dl.php?vuctr=V6ggtPSfPBnjgGPLPRg1F8RvkCX3npdk8pUvwP5LaCY.&cid=18927154771461032529&conversion_id=14610325506123&app_id=4&lp_id=1600&v=tribat&stub_id=305&v_id=YVoBqg2KpRNTA3bOYcNYn9WWxxJWMYWiUPQkREBfghw.&lpp=*-*-*

http://readyupdate.applicationtechnica.website/dl.php?uzrs=i3tCnE120uiRPGos8JmbRCR_GKOWydR8OoYMObPkBtY.&cid=10915&sid=102678b6c220668ff483a3ec74883f&conversion_id=14612613258166&app_id=63&lp_id=1551&v=tribat&stub_id=305&v_id=mnFrIHdj4AvXddTdXTH5uPobHWAXZ9hwFwOj6gUwMyw.&lpp=*-*-*

http://readyupdate.applicationtechnica.website/dl.php?uzrs=IQ5mQL9gjzozCd3sUESi9aUBuSZSWjGcgjrvoe5dvM8.&cid=TBWi5o_tvdpYbQBYVhWwNA&conversion_id=14613495690323&app_id=129&lp_id=1264&v=tribat&stub_id=305&v_id=SYSjQL1Ivz4_EY2lSxzDtUkZV--ICyuJRV1TFgrRUJs.&lpp=*-*-*

http://readyupdate.applicationtechnica.website/dl.php?uzrs=ixCD18FVNFrzvqXPojRYqImzd7RCg-m6oRQWVazMq3E.&subid=VjJ8Mzc2MzU0MnwyNzI4NTh8NDAxMTkxfDE0NjEyNjMyODN8Yzg0MTQ1NDQtNDM3ZS00OWI0LWM5YTctYWM0MTg2NmQyZjU3fDE4NS4xMjAuMTI1LjF8fDF8N2I4NmRhNDFkNjI5MDAwNWQ3N2RhY2MwNDdiNjQyM2I=&conversion_id=14612633013533&app_id=4&lp_id=1526&v=tribat&stub_id=305&v_id=ILIhSjqGPE9Kwnyj2Vk0Y3dVRigSBw2irWrXDKehl5Q.&lpp=*-*-*

http://update.soft2download.website/dl.php?dfs=V6ggtPSfPBnjgGPLPRg1F8RvkCX3npdk8pUvwP5LaCY.&cid=26960044041461189123&conversion_id=14611891294639&app_id=4&lp_id=1594&v=tribat&stub_id=305&v_id=_L6zbDy-nAp6OETx6HXBhYFW5f5WYY839eadNUTPt8A.&lpp=*-*-*

http://upgradepc.clickonupdate.top/dl.php?hgtd=GGV_Pu71bPhU1fj6-XpWEl_dWmYEEwvaFUfmluMZi4I.&cid=8&sid=[SUB_ID]&conversion_id=14612371787477&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=SHrs-2kZvToxvcckoU3k_BSI_bK0CdTYo-De5ODh5nc.&lpp=*-*-*

http://soft4update.newsearch2update.site/dl.php?hdfgfh=F7Xnn4IxP_1pTeLyr7joswYyi-qU1anoOE1G9M0Q760.&cid=VjJ8MzY3Njh8MjgzODQ5fDM1OTcyfDE0NjEzNTAwNjh8MjEyNzhkMDAtNjZkZS00MzcxLWMzODQtNmNmODQ1MTU0MzY0fDkzLjM1LjIwLjY1fHwxfDM2MDEzYmE0ZGI2MTA2NzcxOGVjMTVjNTBjMzcyMDBh&sub=2008&conversion_id=14613500706557&app_id=4&lp_id=1515&v=tribat&stub_id=305&v_id=OgADc8ASCQB0QqFgEX8_lBYS7zlb01HuWm3uEDlfi58.&lpp=*-*-*

http://upgrade.soft2download.online/dl.php?asdasd=CLewqHlWIIChBaR_iGisoxGg9pB7VpPKRIflToz1LAU.&subid=VjJ8MzA2MjJ8MjYyNzU5fDM2MDU3NnwxNDYxMDMzMzAxfGM0ODY5YjFkLWFiZTQtNGYzZS1jZjQ1LWFmNjY0MTgyNDhjNXw5OS4xODkuMTIyLjE3OHx8MXxmYTQzZDJkN2E4OTFlZTc1NGZiNTMzZjI0MjQ2MjNjZg==&conversion_id=14610333126527&app_id=4&lp_id=1590&v=tribat&stub_id=305&v_id=t0XqiRbF3Pm5ReZRoMaKPoP8gLNu_NCGUrORvWUi8m0.&lpp=w10*-*-*

http://getnewsoft.soft-video.top/dl.php?ertwgf=-xRMXj34Npoq2oM8sE2gTM8sZWadTg2jeB3lSlHiqko.&subid=VjJ8MjkyMjF8MjUyMTU5fDQwMTE5MXwxNDYxMDkxNDY5fGQ1ZTYwNGNlLWI2OGYtNDU0YS1jNWM5LWFlNmUzNGUyMjdlZnwyLjI3LjEyNC42M3x8MnxlMzA5YWU5MDk4NTU5MzIwNGE0YTllZjM0NDBiOTJiMg==&conversion_id=14610914977466&app_id=4&lp_id=1389&v=tribat&stub_id=305&v_id=4tnogu05E5l6F_ohqiug6rky7FlCIY7dnK2b_RuNcuA.&lpp=*-*-*

http://soft4update.newsearch2update.site/dl.php?fvsgg=vEd5_DXZSA7yPHj1UdgmHvEg75Ua_4vvfIs64N0djV0.&cid=-2AAIVBALnAwT2V3ISAAEAAQAChAMBAAEAAaYC_QI&conversion_id=14611145595531&app_id=129&lp_id=1550&v=tribat&stub_id=305&v_id=bipkDeTq8dNjsk-GGmtJjbu91XcKLk6HVbZX4WS6F8k.&lpp=*-*-*

http://updateforpc.software-company.online/dl.php?pcl=qU3Z7XUlfImHuT1FQ4EPPqG1uIwy8JoStrTO-HH4cqA.&cid=1461111709mb38981470738&conversion_id=14611117103838&app_id=129&lp_id=1590&v=tribat&stub_id=305&v_id=4DbcJgmlqDNzg_UpC1233lXmh5xuOoJbS7F-k_t2DXY.&lpp=*-*-*

http://upgradepc.clickonupdate.xyz/dl.php?tsfd=C24SxZ0ojvG_bch-rtm13PN71DgbF2iMS5bkc5FAhZ0.&cid=174435160617&sid=358238&conversion_id=14613250962164&app_id=4&lp_id=793&v=tribat&stub_id=305&v_id=k696WF2QJo2cQxxuyJa90vv72BlEENe9dFyUjnLmO10.&lpp=*-*-*

http://update.soft2download.website/dl.php?dfs=0ZK6LYwE9Q89ZaLgS0HdFWuVwpKYydTITyVX2MxrCbo.&cid=33194213731461328240&conversion_id=14613282447189&app_id=4&lp_id=1594&v=tribat&stub_id=305&v_id=krdPXHmbk_f_mAGvGjc9ba9UUJ2RFIrpIdcuNVAMCKI.&lpp=*-*-*

http://updateforpc.software-company.online/dl.php?pcl=zfhHF5uIJPwUCaQYl1z7-xUZ2Mfj7SDh7iR5biCspo8.&cid=17447667121461143141&conversion_id=14611431504724&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=1JCcPKhHsYWMew-aTV5P5gKyvt8BW71b__b4y5xtXx0.&lpp=*-*-*

http://soft4update.newsearch2update.site/dl.php?hdfgfh=BJWqvfdDsM3VVNs94zyiNvV0FsGZrdTJG2UwUp5pnpI.&cid=VjJ8NDI4ODB8MjgzOTIwfDQwNTg5OHwxNDYxMzQ4NzAyfDg2NzhkYmM2LWUxODQtNGQ2MC1jZDRlLTdiYWEyNzhjMDUxZnwxNC4xMDIuMTI3LjI0OHx8Mnw4ZTJhYzY0MzM4ZDM3Njc0ZmQwMWY5YjgxNDZlZWZjZQ==&sub=2006&conversion_id=14613487055011&app_id=4&lp_id=1526&v=tribat&stub_id=305&v_id=pxk5W-gr3401tWJQpRq82WLAml1l2Q-eqQ6EDSeREzQ.&lpp=*-*-*

http://update.soft2download.website/dl.php?dfs=DnpSQdqzYfx_s_FrbE3AwGPmsTozys2PoBW_Y66P_HI.&cid=W6q_TmM5UgKTh5hLNV4O0qM4bYHrPLBkDj14uhZ3aH9dGqWF3ffijnH2cSBRQusR77xJqtATUNuaReIm-0LPgvEAhShTRv4LSsgNIiblT0vqVfNvSGlSDQafDjd6M3CpGghRl4Q2k0rLeBYyD8b6xwuMDCp8Zyh1VR7Lkt22fQQzq3OCJ7fGsyev4aFZKy6Sv1x8zSsGw5_McXoiAtRVQE0pP-06ZmIcck_KPWj061yvu_TsR5_gcoKN1-eL-GJwxCChmjKp75HDbKoAWjxkQX0KM0gBbaeUs3P0lz7de0jdX8obEwoLC1E2XA5dkFSPEM1yPUNNrqWg_Xsd0WOuWM-RN4KBI3AmTdedVV0kT08R8F2Lyuw8ZQRIRJJeI0rJrzMR6_hxE8r30W28ntSK4h-JMdj3xVBUSoSP5EviSZzOj3k-558ZBKFxUxGELeCEJHi6uPi5NCi1_HhrAMon6_DpfaGAUrDdjfC68GmcvQUVMKC6sgNx5OOHaITHTyegQq-z9ebgEf7Ot2Q&sid=[SUB_ID]&conversion_id=14612734599917&app_id=4&lp_id=1379&v=tribat&stub_id=305&v_id=9xhCzhBRTPpx03UieUt6hjOxsNV3G_Jw9oCUYNQLkpk.&lpp=*-*-*

Latest 30 of 145 download URLs

Remove adobe_flash_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.