home

flash_player_setup.exe

flash setup

Digital Zones

The application flash_player_setup.exe by Digital Zones has been detected as a potentially unwanted program by 3 anti-malware scanners. The file has been seen being downloaded from 24online.update4ever.online and multiple other hosts.
Publisher:
Digital Zones  (signed and verified)

Product:
flash setup

Version:
1.0.0.0

MD5:
3efa816fd59826546b1d51234d5bdfb4

SHA-1:
60403f9336b0cee202cecda1eca2ecdd97238e39

SHA-256:
be195eae9ba8761cf6d60d9282f9827da936f14c426555ae082379b9ade9238a

Scanner detections:
3 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 6:40:30 PM UTC  (today)

Scan engine
Detection
Engine version

F-Secure
Variant.MSILPerseus.30942
5.15.21

Norman
Gen:Variant.MSILPerseus.30942
02.04.2016 17:35:19

Reason Heuristics
PUP.DigitalZ.Installer (M)
16.5.28.22

File size:
116.9 KB (119,752 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2016

Original file name:
Flash.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\flash_player_setup.exe

Digital Signature
Signed by:
Digital Zones

Authority:
COMODO CA Limited

Valid from:
3/27/2016 7:00:00 PM

Valid to:
3/28/2017 6:59:59 PM

Subject:
CN=Digital Zones, OU=Digital Zone, O=Digital Zones, STREET="ul. Akademika Koroleva, d. 9 korp. 5", L=Moscow, S=Moscow, PostalCode=129515, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
07775D7C7B8C20E915DD534EA4F8DB84

File PE Metadata
Compilation timestamp:
5/10/2016 1:57:29 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:WEBjFm4ME8+ZgmnbCDb3zTBuMZAn6FZ6nri:t7m498++mnb0bPMMZ+6FZ6

Entry address:
0xC3DE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, 60, 00, 00, 80, 10, 00, 00, 00, 90, 00, 00, 80, 18, 00, 00, 00, C0, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 02, 00, 00, 00, 48, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, F0, 00...
 
[+]

Entropy:
5.7342

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
41 KB (41,984 bytes)

The file flash_player_setup.exe has been seen being distributed by the following 43 URLs.

http://24online.update4ever.online/dl.php?sdfwe=mwK9xqzoV7CJFZFuMzUljhhSqRfSzOS0OjpXu8EpXWQ.&cid=MTA1MHw1MjEyfFVTfDN8MXx8Y3pKeipTazFETVRVNE1GODRPVlJ6VUVkWVZuUXlMVkJqVmxKQ1YzVTBTR2RCfHw&conversion_id=14632026406761&app_id=4&lp_id=1602&v=tribat&stub_id=305&v_id=tBlrk94cnBI86seVx6U9kcOAfnxAk7Bl_yfIoU9XK7A.&lpp=No match

http://softnewready.ready4maintain.online/dl.php?gthe=a_gSS9xv_Aslbm_nX5Gm1lXQEGpCKel6dN-uoSQuQzE.&cid=1463304575mb93991358201&sid=[SUB_ID]&conversion_id=14633045756978&app_id=4&lp_id=1602&v=tribat&stub_id=305&v_id=i6PV77W6W8YvmvjB-Jr3rRXrizXAdlR6O46_GmGH2ko.&lpp=*-*-*

http://getupdate.ready4maintain.xyz/dl.php?gthre=GGu45Ba0NmUH_NwtfDgTLxVjbRLjo7YXKJ2oaTmN2Pw.&subid=VjJ8MzM3MTJ8MjUyMTYxfDMyNTA3NHwxNDYzMjQwNjg1fDcwYzNlMTc4LTNiMjEtNDQyNS1jNDE2LTgxMjRjMWRlMWJmZXw0Ni41OS4xNzAuMjZ8fDJ8MjA5YmRiNzc1OGVhZWE2MDAwYzA3ODc3Y2I4OTAwNWU=&conversion_id=14632406869448&app_id=4&lp_id=1401&v=tribat&stub_id=305&v_id=39N3pCIjzO5jRrYcmi_RJI0WeX7evLOIpMaHfGGAUHI.&lpp=w10*-*-*

http://softnewready.ready4maintain.online/dl.php?gthe=qU3Z7XUlfImHuT1FQ4EPPqG1uIwy8JoStrTO-HH4cqA.&cid=1463309280mb98164066437&conversion_id=14633092811723&app_id=4&lp_id=1590&v=tribat&stub_id=305&v_id=19oO9zgx4bKRQswI0I7esqd_7mx9P-6JLhzSQ01AOwk.&lpp=*-*-*

http://setupupgrade12.livecheck.tech/dl.php?gthyerj=gkFxLPUcpk7xf6JHEpK7C7_F2gl5rT0l1skK5_kvm54.&cid=11241268121463327182&conversion_id=14633271840947&app_id=4&lp_id=1543&v=tribat&stub_id=305&v_id=uphRwR7BJKoHrjyYG_-JdP_zmgL-EqenRsUakVwViUs.&lpp=*-*-*

http://howtoupdate.ugrade4ever.online/dl.php?crvter=Ng4WtNxhGPEQZdqC1dWAshWscO8dCXLx14dzm1z-R-E.&cid=192254764702&sid=639498&conversion_id=14631823955448&app_id=4&lp_id=1609&v=tribat&stub_id=305&v_id=s_qsVdDcZVmr_FK0Nj-j0Dqnc0iqbKO5Xw2a4Ir7j-I.&lpp=*-*-*

http://soft4update.ad4softinstall.xyz/dl.php?jhsf=6_9TsBDefaYWzThCKByL2fn6NnIWvXofYBCoo5l4ZGE.&subid=VjJ8MTgxOHwyODM2Njd8MTk4NTM0fDE0NjMyMjIxNjh8YTBhMWRiODMtMjJjNi00MTJkLWMxNjQtMDUzZWVlZmNmZGFmfDg2LjI1Mi4xMzguMjd8fDF8Zjk2MmJlYTczMzE3YmIyMzZlMTIyNGJlNjkyMjZiMTI=&conversion_id=14632222669126&app_id=4&lp_id=1579&v=tribat&stub_id=305&v_id=_vhcmo-_iwlfxxSsnZAzw9w0v8_GAwDzN0rkiVSYQy8.&lpp=*-*-*

http://getupdate.ready4maintain.xyz/dl.php?gthre=5ajM9B-i7T-4pIEhpN9uspgqXJrQFBm55sP5XLAOLx4.&sid=M_1558721427888e01bff41463322848&sub=15&ref=wegotmedia.co&tid=JFC1391_QMqnLRb2wP-PdRDBXiCPaa&pid=15&site=BaHFGckhqDWOh7vacAlZsULpQobHRrDQM6uckyIIJVQb3w&conversion_id=14633228442822&app_id=4&lp_id=1600&v=tribat&stub_id=305&v_id=Dzn2k2vL4FJ2ORX-8avbnwhzm0K-EOAZ1d3DDgTg-M8.&lpp=*-*-*

http://24upgrade.freeinstallsoft.xyz/dl.php?sdfgg=10QydW4wk10InnO0nVjw-Gm4HrFaEMU2YL_WW3YFynE.&cid=MTA1MHw1MjA3fFVTfDN8MXx8Y3pKeipTazFETVRFMU1WOXdjblZXTVZac1h6bGFMVkJqVmxKQ1YzVTBVR0kyfHw&conversion_id=14633312799406&app_id=4&lp_id=1379&v=tribat&stub_id=305&v_id=7GJYUvU6080AzpTgQBnRSK22fJ2gx_ApQQMW_yEOu90.&lpp=No match

http://soft4update.ad4softinstall.xyz/dl.php?jhsf=ixCD18FVNFrzvqXPojRYqImzd7RCg-m6oRQWVazMq3E.&subid=VjJ8OTUwMnwzMjA5OTN8NTcyMzJ8MTQ2MzMyNTE2Nnw5ZGMzYzVhOC0wMTM4LTQ2OTQtYzY2MC00MWI2YzJhYTk5YzB8MTc5LjE4Ni4xMzIuMjMyfHwyfDk4MDY0MDVhY2EwZjNjNWFiN2E2OWViZmZjNjdkZDk2&conversion_id=14633252686652&app_id=4&lp_id=1526&v=tribat&stub_id=305&v_id=NBIzQnlmF_1-WWUK_gHsz3TPIEl8xHE6RM2MIrk6CCU.&lpp=No match

http://prepareupdate.safeupgrades4ever.top/dl.php?vtyewv=mwK9xqzoV7CJFZFuMzUljhhSqRfSzOS0OjpXu8EpXWQ.&cid=MTA1MHw1MjEyfFVTfDN8MXx8Y3pKeipTazFETVRVNE1GOWlaRXhuVmxjeFRrTkRMVkJqVmxKQ1YzVTBVR0kyfHw&conversion_id=14626539501110&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=pbH6GlXbpCVYTPgfM6C6-ZFddCgXh9HBXLASYw9whJo.&lpp=*-*-*

http://soft4update.ad4softinstall.xyz/dl.php?jhsf=i3tCnE120uiRPGos8JmbRCR_GKOWydR8OoYMObPkBtY.&cid=10915&sid=10227040314e7d5c41822ad8b5aa4b&conversion_id=14631959884634&app_id=63&lp_id=1391&v=tribat&stub_id=305&v_id=2qvvlPNgVZEfxGqxgzrf8b5bGfePqlI7uQqqG-r9uGM.&lpp=*-*-*

http://softnewready.video4updating.online/dl.php?cfgtvb=PpwRkWz5LyxtL_vGPv-alkpi1qSU4ug9lzqrJ5NdKB8.&cid=us5v5ev33vdivci5w2ef&subid=2279&conversion_id=14631889367677&app_id=4&lp_id=1666&v=tribat&stub_id=305&v_id=br-dFHiF75qtSBBuqRQDdC3auLN3FAx-ag50JuyVo1k.&lpp=*-*-*

http://setupupgrade12.livecheck.tech/dl.php?gthyerj=qU3Z7XUlfImHuT1FQ4EPPqG1uIwy8JoStrTO-HH4cqA.&cid=1463233775mb35303377149&conversion_id=14632337757964&app_id=4&lp_id=1590&v=tribat&stub_id=305&v_id=0idy4c0cm5yAVuNwPX8W9_a3Bp-P2WQ1zbIIfxiGRA8.&lpp=*-*-*

http://check24.noteupgrade.tech/dl.php?gfehyr=Ng4WtNxhGPEQZdqC1dWAshWscO8dCXLx14dzm1z-R-E.&cid=177443557481&sid=418980&conversion_id=14633198807649&app_id=4&lp_id=1609&v=tribat&stub_id=305&v_id=D0OhIo3QwPjLrvzn_4oE8yJFl2gCKtVPdbbXNc6pft4.&lpp=*-*-*

http://24upgrade.freeinstallsoft.xyz/dl.php?sdfgg=mwK9xqzoV7CJFZFuMzUljhhSqRfSzOS0OjpXu8EpXWQ.&cid=MTA1MHw1MjEyfEJSfDN8MXx8Y3pKeipTa1pETVRNNE9GOVVWVUozVlhWMFdsTkpMVkJrUWxSQ1dGRm9TRXhSfHw&conversion_id=14632393587000&app_id=4&lp_id=1543&v=tribat&stub_id=305&v_id=wznP6hvJZha33AVhcFOyuv0PvkwqwY8sMermOWuk47Q.&lpp=*-*-*

http://softnewready.video4updating.online/dl.php?cfgtvb=10QydW4wk10InnO0nVjw-Gm4HrFaEMU2YL_WW3YFynE.&cid=MTA1MHw1MjA3fFVTfDN8MXx8Y3pKeipTa3hETVRFMk1sOUZOVXA0UlZOVVdIZDNMVkJqVmxKQ1YzVTBVR0kyfHw&conversion_id=14631890695170&app_id=4&lp_id=1379&v=tribat&stub_id=305&v_id=0GVEz7otsMDCUtLnGADcGSc3RxrtcwoJe2KMGNdcot8.&lpp=*-*-*

http://soft4update.ad4softinstall.xyz/dl.php?jhsf=ixCD18FVNFrzvqXPojRYqImzd7RCg-m6oRQWVazMq3E.&subid=VjJ8OTUwMnwzMjA5ODR8MzI1MDc0fDE0NjMzMjU2NzB8ZjQ1Njc3NzMtNTZlNC00MGNiLWMwNjEtMWMwZTU5NzU3OWU5fDE3Ny4xMjguMjEwLjExOHx8MTV8OTgwNjQwNWFjYTBmM2M1YWI3YTY5ZWJmZmM2N2RkOTY=&conversion_id=14633258048785&app_id=4&lp_id=1379&v=tribat&stub_id=305&v_id=z3HgW5imW0LM4UJ-YtaRminooDiqSsVZ1jwSX5a_cck.&lpp=No match

http://soft4update.ad4softinstall.xyz/dl.php?jhsf=GGu45Ba0NmUH_NwtfDgTLxVjbRLjo7YXKJ2oaTmN2Pw.&subid=VjJ8MTY5MjV8MjUyMTYxfDcxMjkyfDE0NjMyMzI0NTB8YTczNzM0MTUtNjhlMy00YmJjLWNiYjMtMzBiZDNkZWQ3NTkyfDc5LjIwMS40OC4yMzJ8fDF8MjA5YmRiNzc1OGVhZWE2MDAwYzA3ODc3Y2I4OTAwNWU=&conversion_id=14632324527373&app_id=4&lp_id=1543&v=tribat&stub_id=305&v_id=9CbAhogCY2FZe8dRsM9hqyuHe9Kw4WrtfYE94_ZTjeM.&lpp=*-*-*

http://howtoupdate.ugrade4ever.online/dl.php?crvter=Ng4WtNxhGPEQZdqC1dWAshWscO8dCXLx14dzm1z-R-E.&cid=177555188524&sid=90446&conversion_id=14631888095135&app_id=4&lp_id=1609&v=tribat&stub_id=305&v_id=R6cv4TAl0_V6pgIsITK23evO3GIXYb0SfNMk_o4NjvE.&lpp=*-*-*

http://soft4update.ad4softinstall.xyz/dl.php?jhsf=ygNaedMdxdlRZ3X0_thUVxhrlW-bmOvkR9g913Vxt3o.&cid=1026ffbd57fdd888762a2605a6b683&sid=1012&conversion_id=14631855485394&app_id=4&lp_id=1542&v=tribat&stub_id=305&v_id=9HA3rWarJJ0cre6j_jkIFJ0DELqjH5fESrYWKCQ_vXQ.&lpp=*-*-*

http://updatesoft.video4updating.site/dl.php?fdsadf=KNIBM2EBa3zWtP9OSxV4EfwyPF4MGOKSf7HvUltNEbE.&cid=11775528881463188840&conversion_id=14631888428627&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=cbEEgfHKvRCkUWfG9mfEebUsFoFntDYyFyvf-oNZau0.&lpp=*-*-*

http://getupdate.ready4maintain.xyz/dl.php?gthre=PDI9YlDc4g3TAJRHg0BFTVY4J5vyZK-TP-HhtZGJgH0.&cid=XQnJ1Acx6W5Ks4YBQ4WYgRxHgpj6Nx3JE9WLDq6e&subid=794QD3H9&conversion_id=14633228290763&app_id=4&lp_id=1518&v=tribat&stub_id=305&v_id=49vgIlXWpyncfUSDXdhTL1SGWVsRKstIr8Agf7gA_sI.&lpp=w10*-*-*

http://softnewready.set2newupdate.online/dl.php?vyterb=S_jTzbaCeqY-7A67ZDBHFSrO_sjyRBx58EOys_NsZ9I.&cid=C-BoifDkX6k0lrSYZqfE32wJwcD44gBuzu6vJvDlup3op7vT0l1PyoAB8wQkE_yoHVuw1nOSBuN7MCSEan9aLyiJwMtlAME6NC2LEzq5mkyk6BeF_UAS&qs1=&conversion_id=14632998968946&app_id=4&lp_id=1509&v=tribat&stub_id=305&v_id=Ef9PFXisRBNdXxOye2OjSP24HHs7rPuIzOe4ObBBMAo.&lpp=*-*-*

http://setupupgrade12.livecheck.tech/dl.php?gthyerj=g_ObVO2A8VB12Oj2c2io2EVf9-g0CGaBqw-B8aCRNFA.&cid=29704770901463327747&conversion_id=14633277585244&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=sFQAQTgy9SHKmBwpIoJAuJ7q9nXMHbas8Y5FRG26wRE.&lpp=*-*-*

http://24upgrade.freeinstallsoft.xyz/dl.php?sdfgg=mwK9xqzoV7CJFZFuMzUljhhSqRfSzOS0OjpXu8EpXWQ.&cid=MTA4MHw1MjEyfFVTfDN8MXwxNTJfNl8xNDYzMjMwNjYzbWI2MzAyNjIyMjY2MV84OTF8YzNWaWFXUSpNVFV5fmN6SnoqVGtSVmFrMXFWVFJPYVUxNVRYcG5hazlFYTNobVJHTXdUV3BhT0ZaV1RqaE5NM2Q0WmtSYVprMVVVVEpOZWtsNlRVUlpNazB5TVdsT2FrMTNUV3BaZVUxcVNUSk9ha1k0V1ROd1MyVnBjRTVXTURCNFYxZHdSazVWTVRaVFZGSmFWa1ZzTmxkWWNISk9SVFZZVTIxNFQyVnRkRFJVVkVwR1pEQTFWV0Y2Vms1aGJHdDVWMnhrU21aRVRqVmxSM1I2V1ZkR05VNUVaSFJqYm5jfHw&conversion_id=14632306760292&app_id=4&lp_id=1543&v=tribat&stub_id=305&v_id=NwdLrqdIDZeDFxnFdd3Jb1MlVpdtuwgR5Awpwg6LoME.&lpp=*-*-*

http://updatesoft.video4updating.site/dl.php?fdsadf=qU3Z7XUlfImHuT1FQ4EPPqG1uIwy8JoStrTO-HH4cqA.&cid=1463189148mb57578259630&conversion_id=14631891497936&app_id=4&lp_id=1590&v=tribat&stub_id=305&v_id=8fLsV3Q-0rAJav4CudbhFSIP8BkNdhZ8z2rmwYPtiVI.&lpp=*-*-*

http://24upgradecheck.ad4softinstall.tech/dl.php?fgvds=KNIBM2EBa3zWtP9OSxV4EfwyPF4MGOKSf7HvUltNEbE.&cid=4136503061463185884&conversion_id=14631858870019&app_id=4&lp_id=1362&v=tribat&stub_id=305&v_id=HIwLCOqOUuaNBGXtqBXM7wcBNyHj-vdWQG_vvI4nkm0.&lpp=*-*-*

http://getupdate.ready4maintain.xyz/dl.php?gthre=IAnnqFQWm9tZQKvNra508noeytmAYQ862eFMMBC4QcA.&cid=6115_7450142262_sNQ5k&conversion_id=14633059781902&app_id=4&lp_id=1405&v=tribat&stub_id=305&v_id=a4XfK953rEnkLSYTaeYth9dBo8t0DyWn4_ZINx_hV44.&lpp=*-*-*

http://soft4update.install4freealways.site/dl.php?kjhx=Ng4WtNxhGPEQZdqC1dWAshWscO8dCXLx14dzm1z-R-E.&cid=177636232264&sid=387435&conversion_id=14632051347920&app_id=4&lp_id=1609&v=tribat&stub_id=305&v_id=Yu7ppaUQ69YcsVfYBm2ZHo11Hs321ZIkxpGfoEvtZ4k.&lpp=No match

Latest 30 of 43 download URLs

Remove flash_player_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.