flashplayer26.exe

Hisk

The executable flashplayer26.exe has been detected as malware by 18 anti-virus scanners. This is a setup program which is used to install the application. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from storage-eu-3.sharefile.com.
Product:
Hisk

Version:
1.0.0.0

MD5:
e2275fa80d1ecb3f6b2915fac6221e4c

SHA-1:
3a4f3e4c28e0709f96b0eebc20d70b9c2197ff42

SHA-256:
50f1fd262c67580b8066f58750c583380820103e412526a99a7b522abce00a01

Scanner detections:
18 / 68

Status:
Malware

Analysis date:
1/9/2025 11:31:43 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Trojan.Heur.KT.2.lm0@aqKjdTg | 343
AegisLab AV Signature | Heur.MSIL.Androm | 2.1.4+
Avira AntiVirus | TR/Spy.Agent.190976.13 | 8.3.3.2
Arcabit | Trojan.Heur.KT.2.E9299C | 1.0.0.656
AVG | Downloader.MSIL | 2017.0.2821
Bitdefender | Gen:Trojan.Heur.KT.2.lm0@aqKjdTg | 1.0.20.290
Comodo Security | TrojWare.Win32.Agent.WQ | 24332
Dr.Web | Trojan.DownLoader19.32884 | 9.0.1.058
Emsisoft Anti-Malware | Gen:Trojan.Heur.KT.2.lm0@aqKjdTg | 10.0.0.5366
ESET NOD32 | MSIL/TrojanDownloader.Banload.GF (variant) | 10.13084
Fortinet FortiGate | MSIL/Banload.FX!tr.dldr | 2/27/2016
F-Secure | Gen:Trojan.Heur.KT.2.lm0@aqKjdTg | 11.2016-27-02_7
G Data | Gen:Trojan.Heur.KT.2.lm0@aqKjdTg | 16.2.25
IKARUS anti.virus | Trojan-Downloader.MSIL.Banload | t3scan.2.0.7.0
MicroWorld eScan | Gen:Trojan.Heur.KT.2.lm0@aqKjdTg | 17.0.0.174
Norman | Gen:Trojan.Heur.KT.2.lm0@aqKjdTg | 19.02.2016 10:08:15
Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D [F] | 23.00.65.16225
VIPRE Antivirus | Trojan.Win32.Generic | 47464

File size:
186.5 KB (190,976 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2016

Original file name:
QTVoPqqqqqqqqPPPPPPPPPXXXXXXXX.exe

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\documents and settings\wagner\meus documentos\downloads\flashplayer26.exe

File PE Metadata
Compilation timestamp:
2/23/2016 11:37:06 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
80.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:H7cc9bLRDiI32GhNvWkUcNCMhFh3c6BtMbFGGluuY1z1pbY:4c9bb2GhNukpNxhFBMbFGGludb

Entry address:
0x150CA

Entry point:
4D, 5A, 90, 00, 03, 00, 00, 00, 04, 00, 00, 00, FF, FF, 00, 00, B8, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 80, 00, 00, 00, 0E, 1F, BA, 0E, 00, B4, 09, CD, 21, B8, 01, 4C, CD, 21, 54, 68, 69, 73, 20, 70, 72, 6F, 67, 72, 61, 6D, 20, 63, 61, 6E, 6E, 6F, 74, 20, 62, 65, 20, 72, 75, 6E, 20, 69, 6E, 20, 44, 4F, 53, 20, 6D, 6F, 64, 65, 2E, 0D, 0D, 0A, 24, 00, 00, 00, 00, 00, 00, 00...

Code size:
76.5 KB (78,336 bytes)

The file flashplayer26.exe has been seen being distributed by the following URL.
