flashplayer15.exe

The executable flashplayer15.exe has been detected as malware by 32 anti-virus scanners. This is a setup program which is used to install the application. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from socialcomputing.ing.puc.cl and multiple other hosts.
Version:
1.0.0.0

MD5:
7fdbe81bf2fb4af24b6bf4d0c4c51818

SHA-1:
911146c755f7abeb81b061424ae00024fbc89742

SHA-256:
d2475c1363bc0a4182b90227c4f7fc521b9242fb53517c994e88916382782d5b

Scanner detections:
32 / 68

Status:
Malware

Analysis date:
12/27/2024 6:56:44 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Zusy.141804 | 380 |
| Agnitum Outpost | Trojan.PWS.Banbra | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Banker | 2015.09.16 |
| Avira AntiVirus | TR/Dldr.Delf.696320.2 | 8.3.2.2 |
| Arcabit | Trojan.Zusy.D229EC | 1.0.0.527 |
| avast! | Win32:Malware-gen | 2014.9-160121 |
| AVG | Downloader.Generic14 | 2017.0.2858 |
| Baidu Antivirus | Trojan.Win32.Banker | 4.0.3.16121 |
| Bitdefender | Gen:Variant.Zusy.141804 | 1.0.20.105 |
| Bkav FE | HW32.Packed | 1.3.0.7237 |
| Comodo Security | UnclassifiedMalware | 23245 |
| Dr.Web | Trojan.DownLoad3.36867 | 9.0.1.021 |
| Emsisoft Anti-Malware | Gen:Variant.Zusy.141804 | 8.16.01.21.07 |
| ESET NOD32 | Win32/TrojanDownloader.Delf.BGR (variant) | 10.12262 |
| Fortinet FortiGate | W32/Delf.BGR!tr.dldr | 1/21/2016 |
| F-Secure | Gen:Variant.Zusy.141804 | 11.2016-21-01_5 |
| G Data | Gen:Variant.Zusy.141804 | 16.1.25 |
| IKARUS anti.virus | Trojan-PWS.Banker6 | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan-Downloader | 13.210.17230 |
| Kaspersky | Trojan-Banker.Win32.Banbra | 14.0.0.784 |
| McAfee | RDN/PWS-Banker!dx | 5600.6514 |
| Microsoft Security Essentials | TrojanDownloader:Win32/Chavralor.A | 1.1.12002.0 |
| MicroWorld eScan | Gen:Variant.Zusy.141804 | 17.0.0.63 |
| NANO AntiVirus | Trojan.Win32.Banbra.drtmfz | 0.30.24.3283 |
| Panda Antivirus | Generic Suspicious | 16.01.21.07 |
| Qihoo 360 Security | HEUR/QVM18.1.Malware.Gen | 1.0.0.1015 |
| Quick Heal | TrojanBanker.Banbra.r3 | 1.16.14.00 |
| Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D[F1] | 23.00.65.16119 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro | TROJ_GEN.R01TC0DEL15 | 10.465.21 |
| VIPRE Antivirus | Trojan.Win32.Generic | 43798 |
| Zillya! Antivirus | Trojan.Banbra.Win32.23234 | 2.0.0.2400 |

File size:
680 KB (696,320 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\flashplayer15.exe

File PE Metadata
Compilation timestamp:
5/12/2015 6:22:28 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:/rjZJwfp0mOM3TNywYUZG8VNkUJZfsrdCA0F8zDw09:DjZJwfyhDWrV6UJZf4dCj8z

Entry address:
0x81B45A

Entry point:
60, E8, 00, 00, 00, 00, 58, 05, 5A, 0B, 00, 00, 8B, 30, 03, F0, 2B, C0, 8B, FE, 66, AD, C1, E0, 0C, 8B, C8, 50, AD, 2B, C8, 03, F1, 8B, C8, 57, 51, 49, 8A, 44, 39, 06, 88, 04, 31, 75, F6, 2B, C0, AC, 8B, C8, 80, E1, F0, 24, 0F, C1, E1, 0C, 8A, E8, AC, 0B, C8, 51, 02, CD, BD, 00, FD, FF, FF, D3, E5, 59, 58, 8B, DC, 8D, A4, 6C, 90, F1, FF, FF, 51, 2B, C9, 51, 51, 8B, CC, 51, 66, 8B, 17, C1, E2, 0C, 52, 57, 83, C1, 04, 51, 50, 83, C1, 04, 56, 51, E8, 5E, 00, 00, 00, 8B, E3, 5E, 5A, 2B, C0, 89, 04, 32, B4, 10...
 

Packer / compiler:
ASPack v1.08.04

Code size:
2.1 MB (2,155,008 bytes)

The file flashplayer15.exe has been seen being distributed by the following 2 URLs.

temp:flashplayer15.exe
