Flash.exe

flash setup

Digital Vei,OOO

The file Flash.exe by Digital Vei,OOO has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from update.soft2download.website and multiple other hosts.
Publisher:
Digital Vei,OOO  (signed and verified)

Product:
flash setup

Version:
1.0.0.0

MD5:
d0f46916a74cdda898b4873439e03667

SHA-1:
3c6da9d1a165c5f8601d9bbaa221b1ad608de427

SHA-256:
9e6a6a8b7a1d79fa6420f69433a841eee5cb7f40e2b20227f8f51e5bf10ffc09

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/24/2024 5:31:43 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.installCore.DigitalV.Installer (M)
16.4.16.18

File size:
152.1 KB (155,728 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2016

Original file name:
Flash.exe

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\4e10.tmp

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
4/23/2015 7:00:00 PM

Valid to:
4/23/2016 6:59:59 PM

Subject:
CN="Digital Vei,OOO", OU=Development 2, O="Digital Vei,OOO", STREET=ul. Bratislavskaya 21 Korp. 1, L=Moscow, S=Moscow, PostalCode=109451, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0081D507B47243FED522FD7B6AA8ED0F56

File PE Metadata
Compilation timestamp:
4/16/2016 12:08:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:aerj9+2bca7ttMUeTkHHRAzQ4IbLHhxy/jJdurUh1T/WLwXF5Zj:r9WQEQ7hxyLur+YWFT

Entry address:
0x37BE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, A8, 00, 00, 80, 10, 00, 00, 00, C0, 00, 00, 80, 18, 00, 00, 00, D8, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.2161

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
6 KB (6,144 bytes)

The file Flash.exe has been seen being distributed by the following 50 URLs.

http://update.soft2download.website/dl.php?dfs=TLqt908uClHJDcm0H2jhNT7UbVJSwOXIemFPGWUfgsg.&cid=174287964326&conversion_id=14612591574750&app_id=129&lp_id=1362&v=tribat&stub_id=305&v_id=1jHwIKSojSnb9N3pLyS1uvTriobO2w8UmJ5Vsw-HlRk.&lpp=*-*-*

http://upgradepc.clickonupdate.xyz/dl.php?tsfd=M8PGinKJGuAIrqSN68ZurqxCa0zTGuLwJv3YEabwpIs.&cid=174378768788&sid=485230&conversion_id=14612961186422&app_id=4&lp_id=1159&v=tribat&stub_id=305&v_id=GIETvv_pRNB38mca0XlCJnatkdM0WiNVJZO1y74weKE.&lpp=*-*-*

http://update.soft2download.website/dl.php?dfs=DnpSQdqzYfx_s_FrbE3AwGPmsTozys2PoBW_Y66P_HI.&cid=pXA-nX3XXUx4kyrP_KJT3cMQ-dFVBIQ4G9OtZZtp-tttDmBWRYusyTzgbWzcKJoN8y1xvlfYc-mBLKztPPAUH5YCsF1XN5zM4rF6oIDWcwpqehLDejz_jsH26FzKw2rKMHn6XpCKlMAzBUecwIZ7brXrvGS22NlBS_RMIkYNORABaw9itvqLCuCTcnsHsslC4w-L4nT2IpzIb36Go81Aq297zSBA8ff-qswi_K-BxpD1tikJuUDFD-jDbom0fbcNjC62X8e94tywKrKfT-l3oGooxD7Z11wV0T4LFAo53SFwJKKrmEYzULM6ZpzHUdxsm5CX4ZY3oJ1MCSUsft-pSUqrZhcY7EqtafzDxjS6oWzNbCT4aq9kLMvb3GJBYl03Z5m0L85DQNO7U-sLI5Nw_4geETAfE886AZJh4bnt34mjLK0oTtEOnleLs0bBw8SZ4AKoI_hjR1CGhSN94CG6FJOMt6ury1NCkSYpwwnjGA&sid=[SUB_ID]&conversion_id=14612587869856&app_id=4&lp_id=1379&v=tribat&stub_id=305&v_id=zxE27MINtsIOEMRratJpakarUx-0UgV0SQHxFF81Dko.&lpp=*-*-*

http://upgrader.clickonupdate.top/dl.php?hbyvr=GGV_Pu71bPhU1fj6-XpWEl_dWmYEEwvaFUfmluMZi4I.&cid=8&sid=[SUB_ID]&conversion_id=14612983664683&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=KATMY2WIQdIFp4GGoOoemgdgg8jOS6mKVak1Bgm4Mm4.&lpp=*-*-*

http://upgradepc.clickonupdate.top/dl.php?hgtd=GGV_Pu71bPhU1fj6-XpWEl_dWmYEEwvaFUfmluMZi4I.&cid=8&sid=[SUB_ID]&conversion_id=14612155299634&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=OOEMgRCMGoi_J4VNlU4CBAF0WREq2FbULRJZAD4H8vQ.&lpp=*-*-*

http://upgradeget.clickonupdate.site/dl.php?vuctr=Iu5sv4NYl_zlgN93nmUm2GAAg-MzAOgMZUlagyP7ABQ.&cid=MTA1MHw1MjA1fFVTfDN8MXx8Y3pKeipTazFETVRFMU1WOVhabmc1WlhveWFYZENMVkJqVmxKQ1YzVTBTRXhPfHw&conversion_id=14610296807443&app_id=4&lp_id=1550&v=tribat&stub_id=305&v_id=fU8_ECLHbscwjnMQHJ-iDFxyLoXGkWr7r_hTc3TlwL0.&lpp=*-*-*

http://update.soft2download.website/dl.php?dfs=DnpSQdqzYfx_s_FrbE3AwGPmsTozys2PoBW_Y66P_HI.&cid=OGLLpwflUJ0zY21_KgreUZaRjthHp2j_fK6ABIOgVmQWImFR7PMwoPccJvBqx8iUrw50Y01sy3YofNDlYhlP0LrFZ5rsd4ys3-mwxICjRM6KcRElK14R4CUvP8wtczUfR8oUX19NlBCCf-2fv5WGm254Ik7wYutUiaoemIkH4Vy0zH8AD-j5NFkmEEOl2EY7IcPYAN-mVDjvQoK1P5_Fs2Vd269ryvN03lhjuReoHI76qlc1T3rGX_uyR6r0yRq6Oe2L4kjj4djJzX-sR90CUjHxsuoeuLbBQ1G5gCQw5kVPmZSB8eZZEBVsxrJhRp2EE8nQMplbjzvJt_LoQHfTymP2TtRMsmqI3n4C3_9OwYJbuat23soGVqS90xiJnV5iIvTGu6ILzh2xdIFvd2dR8XUWFFQ7qBriy5DZkCjG77WK5d6LE086R7dawpC8JHXkcNmdp4LnJvrw_zdpQc2EraosV0tVKwonUg4Id58uGgRHYndAXZFMuivfUlccMYIzRrzfeg&sid=[SUB_ID]&conversion_id=14612966739338&app_id=4&lp_id=1379&v=tribat&stub_id=305&v_id=sMhqozRszya34FSOQcEF3W-4tvqN9jE3y-R3KCjS54U.&lpp=*-*-*

http://newupdate.newsearch2update.top/dl.php?vfgse=Wj_LMFM8oFKBAYvLDWAAgrPsD6D7L_VKZTvog_BKS6I.&cid=VjJ8MTE3NTZ8MjgyNDEzfDQwMTE5MXwxNDYxMjU4ODgxfGVhYjM2NTJjLTdkN2QtNDkwNi1jOTBiLTVjN2RhMGMyZGQ5OXwxMDcuMTk1LjE5MS44OXx8MXxmNmNmZDU4ZDQwZWUzNDFmYWYzMzg0NDgxMzk4Yjc1YQ==&sub=2&conversion_id=14612588836867&app_id=4&lp_id=1526&v=tribat&stub_id=305&v_id=OgOvXAXdeWxsdW1Yr4ExyK_yGUJHaHJLdne0UTcADlo.&lpp=*-*-*

http://update.soft2download.website/dl.php?dfs=qU3Z7XUlfImHuT1FQ4EPPqG1uIwy8JoStrTO-HH4cqA.&cid=1461258016mb60842000583&conversion_id=14612580184055&app_id=4&lp_id=1590&v=tribat&stub_id=305&v_id=xXAeGae-I5u64RJYBIo1u_EyqhYL-IIKBH6wkn33_Mc.&lpp=*-*-*

http://update.soft2download.website/dl.php?dfs=DnpSQdqzYfx_s_FrbE3AwGPmsTozys2PoBW_Y66P_HI.&cid=xtcjWbO7QsLaBl021eizvt8CKZvrJVX-IAlrSFOQQ3N-xI9LZEzSwqU1xZRSgQFAU7EwfGg5tSuInDe7ZcfdaNO-eGb0ahj8EZ59hE9gzUMbdaP4rAPaf8SeMrqI8lI743QMpqX4cCapnxO48Uzq2jcMvTYpsH49mxsh6ve7sOuzhIrxwPj3qbGWe4XqzoZs8b6GjtuB_hxSoo2czWeIoCxJ6p54pDM9DiKUuB-tQsUTtKvTV5_XeUUjSktY_8glc0gW1lgaL6SvK9aZ1R_OxvXhiv-IN9GPvhmUxnQ6JHMy8I4t9MHwqByLSy3gkz94YUvZue9AUqd2yC7K7HSoUQ7-izj1_tAiSFDeDMp7FvbuRPAHpg08GChxTaNYMVNiAjV-CSvYwaO3oub3mAoxDRgMoBJC0JuLLuZjzcc2LgD_oAh6y7L4cX2Mji1ny9aDuEa-29WeV57HTfaVLNcg51zOih1jvnxEcihQrokuK-0h8mDs8bVc&sid=[SUB_ID]&conversion_id=14613003489543&app_id=4&lp_id=1379&v=tribat&stub_id=305&v_id=jrRYOl8vYwBbWccYJTY0MO7eag6QuAdDGGuU-kRPIe8.&lpp=*-*-*

http://lastversion.applicationtechnica.xyz/dl.php?sfre=FOxpjjPbb5uWJF4egS_a5iOG8oqZgkc60zinEq__lyo.&cid=P23P5R4612185645909694277&sub=3903&conversion_id=14612185650797&app_id=4&lp_id=1208&v=tribat&stub_id=305&v_id=aIX366V9eTcGt55wxjKptf2P7p3zK1Ul-2rd04LWPfo.&lpp=*-*-*

http://getupdate.softcontinents.website/dl.php?iuyg=49vJSJARXt4sZRPAxwzgT-_PZCWXDaXSgBtJNjNyL_U.&sub=425568&cid=4777499939&conversion_id=14608318100053&app_id=4&lp_id=1379&v=tribat&stub_id=305&v_id=3EYrUHo3BWFxdDSO9gdchbKwxJe8tazZkRQu5o8f30s.&lpp=w*-*-*

http://upgradepc.clickonupdate.top/dl.php?hgtd=GGV_Pu71bPhU1fj6-XpWEl_dWmYEEwvaFUfmluMZi4I.&cid=8&sid=[SUB_ID]&conversion_id=14612166706742&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=Y7U9_NCIKy7Qp-8jU1Zlwmx1OsS2PO_6jZhpIE2zQs8.&lpp=*-*-*

http://soft4update.newsearch2update.site/dl.php?fvsgg=_Va78cAhdKUbkAZyfdq3Fi0pW-7WD3DQnzhWcty3-dw.&cid=us5h2jo1nf9bds70vw3n&subid=2279&conversion_id=14611672730175&app_id=4&lp_id=1379&v=tribat&stub_id=305&v_id=rrPuyP2l3-HbJaYaAtZq-c0cvWgj6vKPLTppszMtv7c.&lpp=*-*-*

http://upgradeget.clickonupdate.site/dl.php?vuctr=38DFSrr1ETEUBiSUl8xPsRhOh9RixPurDP0QG_Pac0k.&cid=183571372203&conversion_id=14609910102487&app_id=100&lp_id=1402&v=tribat&stub_id=305&v_id=k_Zku4bBXrg5O-FecwSQ7-AalPnB7XHAfaegDaAYu30.&lpp=*-*-*

http://upgradeget.clickonupdate.site/dl.php?vuctr=2IoEeC7_3Qqcv4ZGCdA_8-hpaDsMjH5dIUOAGEfjnpw.&cid=12950151711460999327&conversion_id=14609993280112&app_id=4&lp_id=1379&v=tribat&stub_id=305&v_id=SAOMblipi3rut_SJN2_YI6Olip-Pclk_9xeAvLmwXNQ.&lpp=*-*-*

http://upgradepc.clickonupdate.top/dl.php?hgtd=GGV_Pu71bPhU1fj6-XpWEl_dWmYEEwvaFUfmluMZi4I.&cid=8&sid=[SUB_ID]&conversion_id=14612957349767&app_id=4&lp_id=1379&v=tribat&stub_id=305&v_id=yBynx2nSraeoIbEVHIJlzzQCp8UOzk5_Old9w4h07T0.&lpp=*-*-*

http://upgrade.soft2download.xyz/dl.php?dsfsf=sMBycfqvPa_0a0ERkVjxMC-GoM0nWgBAhHPkmhCmIq0.&cid=17717427201461023737&conversion_id=14610237434666&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=QDWoC6IWGLOV0UJa3VSBTaSqyWFPPB16gfn_RN99fas.&lpp=*-*-*

Latest 30 of 99 download URLs

Remove Flash.exe - Powered by Reason Core Security