FlashGuncelle.exe

Adobe

The executable FlashGuncelle.exe has been detected as malware by 32 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.eklentidunyasi.com.
Publisher:
Adobe

Product:
Adobe

Version:
12

MD5:
9fc7407329f9394f86bdce22f5191146

SHA-1:
1056267de616828518ae147909d5a60927c0246f

SHA-256:
9cb4bffb9a2fdb53299e4db6230a25db0b18f72ca702797cc452fb2c8ef835fc

Scanner detections:
32 / 68

Status:
Malware

Analysis date:
1/13/2025 9:46:25 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Zusy.77106 | 671
Agnitum Outpost | Trojan.Blocker | 7.1.1
AhnLab V3 Security | Win-Trojan/FCN.140610 | 2015.03.07
Avira AntiVirus | TR/Zusy.77106.3 | 7.11.214.140
avast! | Win32:Agent-ASJZ [Trj] | 2014.9-150405
AVG | Pakes_c | 2016.0.3149
Baidu Antivirus | Trojan.Win32.Ransomlock | 4.0.3.1545
Bitdefender | Gen:Variant.Zusy.77106 | 1.0.20.475
Comodo Security | UnclassifiedMalware | 21321
Dr.Web | Trojan.Siggen.65315 | 9.0.1.095
Emsisoft Anti-Malware | Gen:Variant.Zusy.77106 | 8.15.04.05.04
ESET NOD32 | MSIL/Bepush (variant) | 9.11282
Fortinet FortiGate | W32/Blocker.DHLE!tr | 4/5/2015
F-Secure | Trojan-Downloader:W32/Kilim.T | 11.2015-05-04_1
G Data | Gen:Variant.Zusy.77106 | 15.4.25
IKARUS anti.virus | Win32.SuspectCrc | t3scan.1.8.6.0
K7 AntiVirus | Trojan | 13.200.15187
Kaspersky | Trojan-Ransom.Win32.Blocker | 14.0.0.2239
Malwarebytes | Trojan.MSIL | v2015.04.05.04
McAfee | Artemis!9FC7407329F9 | 5600.6805
Microsoft Security Essentials | TrojanDropper:MSIL/Bepush.B | 1.1.11400.0
MicroWorld eScan | Gen:Variant.Zusy.77106 | 16.0.0.285
NANO AntiVirus | Trojan.Win32.Blocker.csgjmx | 0.30.0.296
Norman | Troj_Generic.RYOMA | 11.20150405
Qihoo 360 Security | Win32/Trojan.bd3 | 1.0.0.1015
Quick Heal | TrojanDropper.Bepush.r3 | 4.15.14.00
Sophos | Mal/Generic-S | 4.98
Trend Micro House Call | TROJ_SPNR.35BH14 | 7.2.95
Trend Micro | TROJ_SPNR.35BH14 | 10.465.05
Vba32 AntiVirus | Hoax.Blocker | 3.12.26.3
VIPRE Antivirus | Trojan.Win32.Generic | 38196
Zillya! Antivirus | Trojan.Blocker.Win32.17467 | 2.0.0.2090

File size:
191.5 KB (196,096 bytes)

Product version:
12

Copyright:
Adobe

Trademarks:
Adobe

Original file name:
FlashGuncelle.exe

File type:
Executable application (Win32 EXE)

Language:
Turkish (Turkey)

Common path:
C:\users\{user}\downloads\flashguncelle.exe

File PE Metadata
Compilation timestamp:
1/2/2014 7:24:44 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:WqcVvcMfKGMOl2UpixJ1h1l0bs4V0Yx6ZbyPDvDYg3XLp:iycKGMSbwJL1JKzgwzDY8

Entry address:
0x2D846

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
174.5 KB (178,688 bytes)

The file FlashGuncelle.exe has been seen being distributed by the following URL.
