home

FlashGuncelle.exe

Adobe

The executable FlashGuncelle.exe has been detected as malware by 36 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.eklentidunyasi.com.
Publisher:
Adobe

Product:
Adobe

Version:
8

MD5:
30118bec581f80de46445aef79e6cf10

SHA-1:
8462920bbf74bbeb9ce7ee68a37e20207de60aaf

SHA-256:
adec1707efaa1496691d5d4b12daaadff893b0f0ad68b33699e5dd7dd6f8eb58

Scanner detections:
36 / 68

Status:
Malware

Analysis date:
12/26/2024 2:44:00 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.AgentWDCR.AQ
361

Agnitum Outpost
Trojan.Blocker
7.1.1

AhnLab V3 Security
Win-Trojan/FCN.140610
2015.07.28

Avira AntiVirus
TR/Strictor.23182.31
8.3.1.6

Arcabit
Trojan.AgentWDCR.AQ
1.0.0.425

avast!
Win32:Agent-ASJZ [Trj]
2014.9-160209

AVG
Generic35
2017.0.2839

Baidu Antivirus
Trojan.Win32.Ransomlock
4.0.3.1629

Bitdefender
Trojan.AgentWDCR.AQ
1.0.20.200

Comodo Security
UnclassifiedMalware
22875

Dr.Web
Trojan.DownLoader10.59063
9.0.1.040

Emsisoft Anti-Malware
Trojan.AgentWDCR.AQ
8.16.02.09.01

ESET NOD32
MSIL/Bepush
10.12002

Fortinet FortiGate
W32/Blocker.DBUD!tr
2/9/2016

F-Prot
W32/Trojan2.OBJJ
v6.4.7.1.166

F-Secure
Trojan-Downloader:W32/Kilim.T
11.2016-09-02_3

G Data
Trojan.AgentWDCR.AQ
16.2.25

IKARUS anti.virus
Trojan-Ransom.Win32.Blocker
t3scan.1.9.5.0

K7 AntiVirus
Riskware
13.207.16698

Kaspersky
Trojan-Ransom.Win32.Blocker
14.0.0.690

Malwarebytes
Trojan.MSIL
v2016.02.09.01

McAfee
Generic.rx
5600.6495

Microsoft Security Essentials
TrojanDropper:MSIL/Bepush.B
1.1.11903.0

MicroWorld eScan
Trojan.AgentWDCR.AQ
17.0.0.120

nProtect
Trojan.AgentWDCR.AQ
15.07.27.01

Panda Antivirus
Trj/WLT.A
16.02.09.01

Qihoo 360 Security
Malware.Radar01.Gen
1.0.0.1015

Quick Heal
TrojanDropper.Bepush.B.cw3
2.16.14.00

Rising Antivirus
PE:Trojan.Win32.Generic.1635B7A1!372619169
23.00.65.16207

Sophos
Mal/Generic-L
4.98

Total Defense
Win32/Tnega.ATYC
37.1.62.1

Trend Micro
TROJ_GEN.R047C0CFC15
10.465.09

Vba32 AntiVirus
Hoax.Blocker
3.12.26.4

VIPRE Antivirus
Trojan.Win32.Generic
42382

ViRobot
Trojan.Win32.S.Blocker.196096.B[h]
2014.3.20.0

Zillya! Antivirus
Trojan.Blocker.Win32.13169
2.0.0.2317

File size:
191.5 KB (196,096 bytes)

Product version:
8

Copyright:
Adobe

Trademarks:
Adobe

Original file name:
FlashGuncelle.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\flashguncelle.exe

File PE Metadata
Compilation timestamp:
12/11/2013 6:20:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:Zq7xvcMfQkiszbShQ8gbDoN1uVJxBsslRwaTTOj1i3cM/05xQmEq/BRiLH:AWcQkisyHgYL2JxBsYRwYTOjOtMM

Entry address:
0x2D836

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
174.5 KB (178,688 bytes)

The file FlashGuncelle.exe has been seen being distributed by the following URL.

http://www.eklentidunyasi.com/dl.php

Remove FlashGuncelle.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.