flash_10.0.5.exe

gQWnz

mBtxzmomgI

The executable flash_10.0.5.exe has been detected as malware by 29 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from downloadwww32.adrive.com.
Publisher:
mBtxzmomgI

Product:
gQWnz

Version:
3.9.254.5313

MD5:
2c29a5c286dfd936d92eebe8f6745521

SHA-1:
4897a76e7f8f89568f504a5c233e9f4bb07086cd

SHA-256:
03af3240cc42e67684cf71a89d7bb238a6575498b26fe1137e02732974cbd37a

Scanner detections:
29 / 68

Status:
Malware

Analysis date:
12/27/2024 9:42:04 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.GenericKD.2890817 | 271 |
| AegisLab AV Signature | Troj.W32.Generic!c | 2.1.4+ |
| Agnitum Outpost | Trojan.Injector | 7.1.1 |
| Avira AntiVirus | TR/Dropper.MSIL.228238 | 8.3.2.4 |
| avast! | Win32:Malware-gen | 2014.9-160509 |
| AVG | MSIL9 | 2017.0.2749 |
| Baidu Antivirus | Trojan.MSIL.Injector | 4.0.3.1659 |
| Bitdefender | Trojan.GenericKD.2890817 | 1.0.20.650 |
| Comodo Security | UnclassifiedMalware | 24017 |
| Dr.Web | Trojan.DownLoader17.61148 | 9.0.1.0130 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2890817 | 8.16.05.09.03 |
| ESET NOD32 | MSIL/Injector.MUE (variant) | 10.12922 |
| Fortinet FortiGate | W32/Generic.PL!tr | 5/9/2016 |
| G Data | Trojan.GenericKD.2890817 | 16.5.25 |
| IKARUS anti.virus | Trojan.MSIL.Injector | t3scan.2.0.3.0 |
| K7 AntiVirus | Trojan | 13.212.18526 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.239 |
| McAfee | RDN/Generic.dx | 5600.6405 |
| Microsoft Security Essentials | VirTool:MSIL/Injector.HL | 1.1.12400.0 |
| MicroWorld eScan | Trojan.GenericKD.2890817 | 17.0.0.390 |
| NANO AntiVirus | Trojan.Win32.DownLoader17.dyzkuz | 1.0.14.5380 |
| nProtect | Trojan.GenericKD.2890817 | 16.01.25.01 |
| Panda Antivirus | Trj/GdSda.A | 16.05.09.03 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1077 |
| Quick Heal | Trojan.Inject.r3 | 5.16.14.00 |
| Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D [F] | 23.00.65.16507 |
| Sophos | Mal/MSIL-PL | 4.98 |
| Trend Micro | TROJ_GEN.R02KC0RL115 | 10.465.09 |
| VIPRE Antivirus | Trojan.Win32.Generic | 46748 |

File size:
520 KB (532,480 bytes)

Product version:
3.9.254.5313

Copyright:
Copyright (C) 2004-2014 luJnJYD Ewstuk

Original file name:
ejVBchp.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\flash_10.0.5.exe

File PE Metadata
Compilation timestamp:
11/22/2015 9:08:23 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:tImivAnkPL+7YySzbXbnkP0ZezPxXr03fCTavO94u6wmVeDC3mMAAjJSsMXgnQiy:TiokThlbbMXr0aTam7TZLCy

Entry address:
0x56AAD

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
340 KB (348,160 bytes)

The file flash_10.0.5.exe has been seen being distributed by the following URL.
