home

flash_player_ax.exe

Adobe Flash Player ActiveX

Adobe Systems Incorporated

This is a setup and installation application. The file has been seen being downloaded from clientn.mp3freedownloader.com.
Publisher:
Adobe Systems Incorporated

Product:
Adobe® Flash® Player ActiveX

Description:
Adobe® Flash® Player ActiveX Installer

Version:
1.0.20

MD5:
22f658b48eec2ddbac98128fbb6b5956

SHA-1:
a58a0191db87ab09492f06792bb75ce34b1185f0

SHA-256:
ca90c276a5baf88010b4289af53accdf028fc50747249f70b61cc2f827a6fb31

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 12:46:42 AM UTC  (today)

File size:
1.9 MB (2,030,384 bytes)

Product version:
10.0.45.2

Copyright:
Copyright © 1996-2009 Adobe Systems Incorporated and its licensors. All Rights Reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\flash_player_ax.exe

File PE Metadata
Compilation timestamp:
1/13/2007 10:28:14 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:8T+YwcrU7F8GAOXyN7XhvoR/XUaV5A4fngK71EzKdt:kwcrUC82XBoRPUC5Xg6EzKj

Entry address:
0x36F2

Entry point:
60, 81, FA, 1B, 7C, 8D, 0F, C7, C1, 9C, 00, F9, 8D, EB, 03, F6, C5, F4, 48, 81, C2, BB, 41, 55, 76, 85, C8, 68, 52, 72, 61, 00, 52, 88, FF, 8D, 05, 12, 29, F0, 58, 6B, C9, 00, 70, 04, 8B, C6, B2, F9, 86, F8, 77, 08, F7, C7, 6C, F1, 92, B6, 85, C3, 81, C1, 1C, 04, 00, 00, 0F, B6, F7, 8D, 3D, DD, 5E, 13, DE, F3, 81, E9, 1B, 04, 00, 00, 84, CB, 8D, 15, 3A, 40, 8F, 29, 28, C0, 4B, 8A, FA, 81, F9, F8, 03, 00, 00, 0F, 8C, BF, FF, FF, FF, 76, 01, F3, 68, 73, 38, A0, 00, 50, EB, 04, 0C, AD, 30, D0, E8, 3B, 00, 00...
 
[+]

Entropy:
7.9910  (probably packed)

Code size:
24.5 KB (25,088 bytes)

The file flash_player_ax.exe has been seen being distributed by the following URL.

http://clientn.mp3freedownloader.com/.../flash_player_ax.exe

Scan flash_player_ax.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.