flashplayer_22.0.0.exe

LikeGrasp

Emergency Soft

The executable flashplayer_22.0.0.exe, “Underline Tdd Nonexsistant Nematic Cest” has been detected as malware by 4 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from storage-eu-5.sharefile.com.
Publisher:
Emergency Soft

Product:
LikeGrasp

Description:
Underline Tdd Nonexsistant Nematic Cest

Version:
9.5.3.279

MD5:
85b2ea148d51d69e87c62d5fd612201c

SHA-1:
297a8b89265f207168369933938a5828a132c740

SHA-256:
a907da5b1da44bf0e7f4361191f7ccbda2f8bd8b3b31ee7f1e442d8550365de6

Scanner detections:
4 / 68

Status:
Malware

Analysis date:
11/27/2024 9:51:01 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Malware-gen
160503-1

Emsisoft Anti-Malware
Gen:Variant.Zusy.172368
11.5.0.6191

ESET NOD32
Win32/Kryptik.EHBB trojan
7.0.302.0

File size:
406.5 KB (416,256 bytes)

Product version:
9.5.3.279

Copyright:
All rights reserved. Emergency Soft

Trademarks:
All rights reserved. Emergency Soft

Original file name:
LikeGrasp.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\flashplayer_22.0.0.exe

File PE Metadata
Compilation timestamp:
12/2/2015 11:09:51 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:UdSOJ6zHppkdBuZ1IZb+Q7nrFD9P/Riwqpvj1nzP4NEsbctiy6:XK0JEuQz7nr/P/RifpxnzP4J+iy6

Entry address:
0x1636E

Entry point:
E8, 38, 9E, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3, 8D...
 
[+]

Code size:
268 KB (274,432 bytes)

The file flashplayer_22.0.0.exe has been seen being distributed by the following URL.

Remove flashplayer_22.0.0.exe - Powered by Reason Core Security