flash_installer.exe

Ticking

Scrubber

The executable flash_installer.exe has been detected as malware by 33 anti-virus scanners. This is a self-extracting archive and installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from flashplayer1.websiteseguro.com.
Publisher:
Scrubber

Product:
Ticking

Description:
Radix

Version:
2.2.4.4

MD5:
67c89b4684de080329b1eed89ca10798

SHA-1:
4f6d3f2913136cf5d208883c9544f225c3644c4a

SHA-256:
9c677cc0bc3c1efd37d4cadd24f05e46f01ff99fdee86b640202778bcab3549e

Scanner detections:
33 / 68

Status:
Malware

Analysis date:
12/27/2024 11:02:52 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.GenericKD.2110440
461

Agnitum Outpost
Trojan.Yakes
7.1.1

AhnLab V3 Security
Trojan/Win32.Gen
2015.04.18

Avira AntiVirus
TR/Spy.A.11961
3.6.1.96

avast!
MSIL:Agent-CMY [Trj]
2014.9-151031

AVG
MSIL6
2016.0.2939

Baidu Antivirus
Trojan.Win32.Yakes
4.0.3.151031

Bitdefender
Trojan.GenericKD.2110440
1.0.20.1520

Comodo Security
UnclassifiedMalware
21806

Dr.Web
Trojan.DownLoader12.12277
9.0.1.0304

Emsisoft Anti-Malware
Trojan.GenericKD.2110440
8.15.10.31.03

ESET NOD32
MSIL/Injector.HJK (variant)
9.11493

Fortinet FortiGate
W32/Yakes.IQCL!tr
10/31/2015

F-Secure
Trojan.GenericKD.2110440
11.2015-31-10_7

G Data
Trojan.GenericKD.2110440
15.10.25

IKARUS anti.virus
Trojan.Win32.Tinba
t3scan.1.8.9.0

K7 AntiVirus
Trojan
13.202.15637

Kaspersky
Trojan.Win32.Yakes
14.0.0.1192

Malwarebytes
Trojan.MSIL.BVXGen
v2015.10.31.03

McAfee
Artemis!67C89B4684DE
5600.6595

Microsoft Security Essentials
Trojan:Win32/Dynamer!ac
1.1.11502.0

MicroWorld eScan
Trojan.GenericKD.2110440
16.0.0.912

NANO AntiVirus
Trojan.Win32.Yakes.dmzyrv
0.30.16.1110

Norman
Suspicious_Gen4.HSZZO
11.20151031

nProtect
Trojan.GenericKD.2110440
15.04.17.01

Panda Antivirus
Trj/CI.A
15.10.31.03

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1015

Quick Heal
Trojan.Msilobfuscator.WR3
10.15.14.00

Sophos
Mal/Generic-S
4.98

Trend Micro House Call
TROJ_GEN.F0C2C00B315
7.2.304

Trend Micro
TROJ_GEN.F0C2C00B315
10.465.31

Vba32 AntiVirus
Trojan.Yakes
3.12.26.3

VIPRE Antivirus
Trojan.Win32.Generic
39450

File size:
69 KB (70,656 bytes)

Product version:
2.2.4.4

Copyright:
Timetables

Trademarks:
Slinking Rig

Original file name:
Temperament.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\flash_installer.exe

File PE Metadata
Compilation timestamp:
1/27/2004 3:40:15 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:bQVWnUOgZrM88pWWaa7d9xI5Ii9+vbLwmPNs/7T:MVTI/kWaKd9xGIi9+vb3PNs/H

Entry address:
0x12B2E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
67 KB (68,608 bytes)

The file flash_installer.exe has been seen being distributed by the following URL.

Remove flash_installer.exe - Powered by Reason Core Security