flashplayer.exe

The executable flashplayer.exe has been detected as malware by 34 anti-virus scanners. It is a setup program used to install the application. The file has been observed being downloaded from adaltbook.bbsindex.com.
MD5:
a28abe2d8d3c8f2d5f26b7615d0b3bd3

SHA-1:
90df43acb19956f5d9446b1793b7975ba4dbbf39

SHA-256:
18aaf2640901cc8113f15eceab5c13cacefa0c19424268c79cf07bb24b81556a

Scanner detections:
34 / 68

Status:
Malware

Analysis date:
1/13/2025 10:47:52 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Trojan.Dalexis.Gen.1 | 367
AhnLab V3 Security | Trojan/Win32.Agent | 2015.04.19
Avira AntiVirus | TR/Dalexis.vcmz | 3.6.1.96
avast! | Win32:Malware-gen | 2014.9-160203
AVG | Crypt3 | 2017.0.2845
Baidu Antivirus | Trojan.Win32.Yakes | 4.0.3.1623
Bitdefender | Trojan.Dalexis.Gen.1 | 1.0.20.170
Comodo Security | UnclassifiedMalware | 21808
Emsisoft Anti-Malware | Trojan.Dalexis.Gen | 8.16.02.03.10
ESET NOD32 | Win32/TrojanDownloader.Zurgop.BK | 10.11494
Fortinet FortiGate | W32/Yakes.BK!tr | 2/3/2016
F-Secure | Trojan.Dalexis.Gen.1 | 11.2016-03-02_4
G Data | Trojan.Dalexis.Gen | 16.2.25
IKARUS anti.virus | Trojan-Downloader.Win32.Zurgop | t3scan.1.8.9.0
K7 AntiVirus | Trojan | 13.202.15638
Kaspersky | Trojan.Win32.Yakes | 14.0.0.718
Malwarebytes | Trojan.Krypt | v2016.02.03.10
McAfee | RDN/Generic Downloader.x!mv | 5600.6501
Microsoft Security Essentials | TrojanDownloader:Win32/Dofoil.T | 1.1.11502.0
MicroWorld eScan | Trojan.Dalexis.Gen.1 | 17.0.0.102
NANO AntiVirus | Trojan.Win32.Yakes.dowxzt | 0.30.16.1110
Norman | Troj_Generic.YZMSW | 11.20160203
nProtect | Trojan.Dalexis.Gen.1 | 15.04.17.01
Panda Antivirus | Trj/Genetic.gen | 16.02.03.10
Qihoo 360 Security | HEUR/QVM20.1.Malware.Gen | 1.0.0.1015
Quick Heal | TrojanDownloader.Dofoil.r4 | 2.16.14.00
Rising Antivirus | PE:Malware.XPACK-LNR/Heur!1.5594 | 23.00.65.16201
Sophos | Mal/Generic-S | 4.98
SUPERAntiSpyware | Trojan.Agent/Gen-Malagent | 9346
Trend Micro House Call | TROJ_GEN.R021C0CCE15 | 7.2.34
Trend Micro | TROJ_GEN.R021C0CCE15 | 10.465.03
Vba32 AntiVirus | Trojan.FakeAV.01657 | 3.12.26.3
VIPRE Antivirus | Trojan-Downloader.Win32.Dofoil | 39454
Zillya! Antivirus | Trojan.Yakes.Win32.30756 | 2.0.0.2142

File size:
84 KB (86,016 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\flashplayer.exe

File PE Metadata
Compilation timestamp:
3/14/2014 10:26:45 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:aOps12GD2Al7BUtczsHjSjt9IsMNGM0EAFViux+0mM0EAFViux+0:rpLG6ApVzsHOjQsZgAFVrx+0mgAFVrxH

Entry address:
0x33AC

Entry point:
81, 25, 9D, B1, 40, 00, B6, 00, 00, 00, 81, 1D, E4, B1, 40, 00, B8, 00, 00, 00, C7, 05, 44, B1, 40, 00, 7A, 00, 00, 00, 81, 1D, 2F, B0, 40, 00, A1, 00, 00, 00, 86, 4D, FC, 82, C1, 96, 87, 45, FC, 83, C0, 95, 55, 83, C5, 13, 83, F5, 17, 89, E5, 83, EC, 58, 66, 81, FD, 00, FE, 0F, 82, DC, 50, 00, 00, 87, 55, FC, 13, 15, 9E, B1, 40, 00, 87, 7D, FC, 01, D7, 13, 3D, 6D, B1, 40, 00, 29, F8, 83, D7, 81, 11, 3D, 5A, B1, 40, 00, 68, C2, BC, 40, 00, 6A, 00, 68, 00, 00, 10, 00, FF, 15, 94, A0, 40, 00, 83, F8, 00, 0F...
 

Code size:
36 KB (36,864 bytes)

The file flashplayer.exe has been seen being distributed by the following URL.
