flashplayer.exe

The executable flashplayer.exe has been detected as malware by 21 anti-virus scanners. It is a setup program used to install the application. The file has been observed being downloaded from www.txtpadonline.com.
Version:
101.88.99.1256

MD5:
0c90f7bfacdd96f858edff2b557154dd

SHA-1:
cc911ee348dbd4b900c2d13702f3c7ae86680ffc

SHA-256:
2a522be6431f0259cf1add3b80c440f7e41499ac0dc5194e40453a2320f3b60f

Scanner detections:
21 / 68

Status:
Malware

Analysis date:
12/28/2024 5:49:39 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.Generic.15149311 | 453 |
| Agnitum Outpost | Trojan.DL.Banload | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Banload | 2015.10.16 |
| Avira AntiVirus | TR/Dldr.Banload.756 | 8.3.2.2 |
| Arcabit | Trojan.Generic.DE728FF | 1.0.0.582 |
| avast! | Win32:Banker-MJB [Trj] | 2014.9-151108 |
| AVG | Luhe.Fiha.A | 2016.0.2962 |
| Bitdefender | Trojan.Generic.15149311 | 1.0.20.1560 |
| Emsisoft Anti-Malware | Trojan.Generic.15149311 | 8.15.11.08.01 |
| ESET NOD32 | Win32/TrojanDownloader.Banload.WOT (variant) | 9.12416 |
| Fortinet FortiGate | W32/Banload.WOT!tr.dldr | 11/8/2015 |
| F-Secure | Trojan.Generic.15149311 | 11.2015-08-11_1 |
| G Data | Trojan.Generic.15149311 | 15.11.25 |
| IKARUS anti.virus | Trojan-Downloader.Win32.Banload | t3scan.1.9.5.0 |
| McAfee | Artemis!0C90F7BFACDD | 5600.6587 |
| Microsoft Security Essentials | TrojanDownloader:Win32/Banload.BEW | 1.1.12101.0 |
| MicroWorld eScan | Trojan.Generic.15149311 | 16.0.0.936 |
| nProtect | Trojan.Generic.15149311 | 15.10.16.01 |
| Panda Antivirus | Trj/CI.A | 15.11.08.01 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro | TROJ_GEN.R02KC0DJF15 | 10.465.08 |

File size:
1.2 MB (1,242,624 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
Romanian (Romania)

Common path:
C:\users\{user}\downloads\flashplayer.exe

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:kOD9T3B2hW5AaxpeQ2yT5FLJnmkl8zBgVl4/B/btLRs4nrtpcRcTU+RaSXA+/:FPxp0clJnhoxHjjcuTPRA+

Entry address:
0xFC9CC

Entry point:
55, 8B, EC, 83, C4, F0, B8, 5C, C4, 4F, 00, E8, 88, A0, F0, FF, 68, 64, CA, 4F, 00, 6A, 00, 6A, 00, E8, 5A, A3, F0, FF, E8, D5, A4, F0, FF, 3D, B7, 00, 00, 00, 75, 0C, A1, 78, 69, 50, 00, 8B, 00, E8, 4E, 87, F6, FF, A1, 78, 69, 50, 00, 8B, 00, E8, BE, 85, F6, FF, 6A, EC, A1, 78, 69, 50, 00, 8B, 00, 8B, 40, 30, 50, E8, 94, AC, F0, FF, 0D, 80, 00, 00, 00, 50, 6A, EC, A1, 78, 69, 50, 00, 8B, 00, 8B, 40, 30, 50, E8, 94, AE, F0, FF, 8B, 0D, 0C, 6C, 50, 00, A1, 78, 69, 50, 00, 8B, 00, 8B, 15, C4, A3, 4F, 00, E8...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
1007 KB (1,031,168 bytes)

The file flashplayer.exe has been seen being distributed by the following URL.
