home

flashplayersetup__3873_i288506875_il22.exe

The executable flashplayersetup__3873_i288506875_il22.exe has been detected as malware by 1 anti-virus scanner. This is a setup program which is used to install the application. The file has been seen being downloaded from cldlr.com.
MD5:
96786fcb5120dcc029fe5f0d9586f509

SHA-1:
2daa219a354cbd3f085457a61064356680d1f073

SHA-256:
0deae6aba1fe8ff14abeb43a82ebc32b0c450378fe02cf0640fcffc4493bb5ee

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/27/2024 4:52:56 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
(M)
16.6.7.0

File size:
331 KB (338,984 bytes)

File type:
Executable application (Win16 EXE)

Common path:
C:\users\{user}\downloads\flashplayersetup__3873_i288506875_il22.exe

File PE Metadata
Compilation timestamp:
1/23/2014 1:58:16 PM

OS version:
5.1

OS bitness:
Win16

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:ss2IIPoKr5AcAbogtYMB3ublZoeGvJ+/8Eb0EBb4m4axIFpuK:ssrIP5r5ApbogSk3uwFA8ZEld4BpJ

Entry address:
0x27364

Entry point:
E8, 9A, 95, 00, 00, E9, 89, FE, FF, FF, 57, 8B, C6, 83, E0, 0F, 85, C0, 0F, 85, C1, 00, 00, 00, 8B, D1, 83, E1, 7F, C1, EA, 07, 74, 65, EB, 06, 8D, 9B, 00, 00, 00, 00, 66, 0F, 6F, 06, 66, 0F, 6F, 4E, 10, 66, 0F, 6F, 56, 20, 66, 0F, 6F, 5E, 30, 66, 0F, 7F, 07, 66, 0F, 7F, 4F, 10, 66, 0F, 7F, 57, 20, 66, 0F, 7F, 5F, 30, 66, 0F, 6F, 66, 40, 66, 0F, 6F, 6E, 50, 66, 0F, 6F, 76, 60, 66, 0F, 6F, 7E, 70, 66, 0F, 7F, 67, 40, 66, 0F, 7F, 6F, 50, 66, 0F, 7F, 77, 60, 66, 0F, 7F, 7F, 70, 8D, B6, 80, 00, 00, 00, 8D, BF...
 
[+]

Code size:
230.5 KB (236,032 bytes)

The file flashplayersetup__3873_i288506875_il22.exe has been seen being distributed by the following URL.

http://cldlr.com/?a=4702&c=56476&s1=&s2=Rek

Remove flashplayersetup__3873_i288506875_il22.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.