home

flash_player_ax.exe

Adobe Flash Player ActiveX

Adobe Systems Incorporated

This is a setup and installation application. The file has been seen being downloaded from clientn.super-mp3-download.com.
Publisher:
Adobe Systems Incorporated

Product:
Adobe® Flash® Player ActiveX

Description:
Adobe® Flash® Player ActiveX Installer

Version:
1.0.20

MD5:
2ec47ade196af88954c4da0e9b79485d

SHA-1:
f2495f6f3e12f9a65aeb5e736ab7325ba86fb063

SHA-256:
3f7b75c31f15716f16bea071eb9511b20d40c1111471acdb28f2bb5ed17ae7aa

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 1:03:11 AM UTC  (today)

File size:
1.9 MB (2,030,384 bytes)

Product version:
10.0.45.2

Copyright:
Copyright © 1996-2009 Adobe Systems Incorporated and its licensors. All Rights Reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\flash_player_ax.exe

File PE Metadata
Compilation timestamp:
1/14/2007 1:28:14 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:35WwcrU7F8GAOXyN7XhvoR/XUaV5A4fngK71EzKdt:MwcrUC82XBoRPUC5Xg6EzKj

Entry address:
0x36F2

Entry point:
88, DF, 0F, BE, ED, 43, C7, C6, 0E, 75, 05, 89, 11, F8, 87, DD, 0F, B6, CC, 39, FA, 34, E9, 3B, F9, 0F, B6, CF, F7, C3, 53, 55, CD, C3, 8A, F3, 85, DE, F6, C0, DD, FE, C8, 69, CE, DE, 6E, 25, DC, 8B, CB, 20, F9, 85, D2, 0F, B6, CE, 6B, F6, 00, 11, FA, 4D, B2, B7, 81, EE, 15, 61, 06, 00, 0F, B6, C3, 81, C6, 9D, 63, 06, 00, 09, E9, 88, CD, F2, 39, D0, 69, FF, C3, C8, 92, 9B, 8A, D8, F2, 1A, D8, 81, EE, 9E, 0A, 00, 00, F7, C6, C7, B9, 08, 3C, 12, DD, 81, C6, 9D, 0A, 00, 00, FE, CF, EB, 06, 87, F9, F6, C2, 52...
 
[+]

Entropy:
7.9910  (probably packed)

Code size:
24.5 KB (25,088 bytes)

The file flash_player_ax.exe has been seen being distributed by the following URL.

http://clientn.super-mp3-download.com/.../flash_player_ax.exe

Scan flash_player_ax.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.