home

flash_player_ax.exe

Adobe Flash Player ActiveX

Adobe Systems Incorporated

This is a self-extracting archive and installer. The file has been seen being downloaded from clientn.easymp3downloader.com.
Publisher:
Adobe Systems Incorporated

Product:
Adobe® Flash® Player ActiveX

Description:
Adobe® Flash® Player ActiveX Installer

Version:
1.0.20

MD5:
dc1cd41346b0614d9f2764d0b9cb9441

SHA-1:
5de6ee8bde8ca870d83a783419ef9fd864f7b0fc

SHA-256:
bf08e3012dd81b25e708af955b2ee5c80e82d31ff652f3f8f7d1701236c74d9e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 1:37:41 PM UTC  (today)

File size:
1.9 MB (2,030,384 bytes)

Product version:
10.0.45.2

Copyright:
Copyright © 1996-2009 Adobe Systems Incorporated and its licensors. All Rights Reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\flash_player_ax.exe

File PE Metadata
Compilation timestamp:
1/14/2007 12:28:14 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:qF0wcrU7F8GAOXyN7XhvoR/XUaV5A4fngK71EzKdt:a0wcrUC82XBoRPUC5Xg6EzKj

Entry address:
0x36F2

Entry point:
60, 8D, 15, FF, 66, 52, E7, 1C, 8F, 8D, 05, D2, 0D, 09, 02, 0F, B6, C0, 69, C9, 7A, 40, 27, 22, C0, CD, 4C, F6, C1, FE, 8A, C3, C6, C6, A8, 81, C3, 45, B9, 00, 00, 0F, C9, 81, C3, 19, 08, 00, 00, 81, FE, D3, 1B, 05, 9C, 84, EC, 0F, AF, CD, 41, 87, CB, 0F, AB, EB, 0A, EF, 0D, 10, 58, C5, 00, 0F, BA, FD, 3F, 8A, EA, 0F, C0, CE, E8, 00, 00, 00, 00, F7, C5, BD, 0E, 35, D5, 81, FE, 96, FF, 00, 00, 70, 06, 8B, EA, 0F, AC, D5, 93, C7, C6, D8, 4C, D1, BB, B8, CE, 72, 00, 00, D3, DA, 18, DD, 35, 1A, E5, 00, 00, 87...
 
[+]

Entropy:
7.9910  (probably packed)

Code size:
24.5 KB (25,088 bytes)

The file flash_player_ax.exe has been seen being distributed by the following URL.

http://clientn.easymp3downloader.com/.../flash_player_ax.exe

Scan flash_player_ax.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.