FlashTraderClearSetup.exe

FlashTraderClear

Onesoft Tecnologia S.A.

This is a setup and installation application. The file has been observed being downloaded from t.email.flashtrader.com.br and multiple other hosts.
Publisher:
Onesoft Tecnologia S.A.  (signed and verified)

Product:
FlashTraderClear

Version:
1.0.8

MD5:
96129a2ad83b7e29585ded3f93743791

SHA-1:
09896fc4e3323f16146e88b988405035ab7fee23

SHA-256:
aa718feab1aec31832a99dfe1136387ef4053cc0bba5e3d0285119196e1a609a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 8:23:50 AM UTC  (today)

File size:
13.3 MB (13,911,008 bytes)

Product version:
1.0.8

Copyright:
Copyright (C) 2015 Onesoft Tecnologia S.A.

Original file name:
FlashTraderClearSetup.exe

File type:
Executable application (Win32 EXE)

Language:
Brazilian Portuguese

Common path:
C:\users\{user}\downloads\flashtraderclearsetup.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
4/21/2015 9:00:00 PM

Valid to:
4/21/2016 8:59:59 PM

Subject:
CN=Onesoft Tecnologia S.A., O=Onesoft Tecnologia S.A., STREET="Av. Brigadeiro Faria Lima, 3311", STREET=4o. Andar - Cj 42, L=São Paulo, S=São Paulo, PostalCode=04538-133, C=BR

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
024E8CC4CD61B370927E2E64B87F2779

File PE Metadata
Compilation timestamp:
9/15/2015 5:37:26 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:C/2MHrpdCB9sqX6bq5WVCiwyZQq8T4e0N0a2Y9bnI9dzgAJKKFZvz0:CdQ9sqX6WEVCih04e0b9bkzgABF9w

Entry address:
0xC684C

Entry point:
E8, 59, C8, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, F0, 33, DB, 3B, F3, 75, 1E, E8, 7D, 48, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, C5, D5, FF, FF, 83, C4, 14, 8B, C6, E9, C2, 00, 00, 00, 57, 39, 5D, 0C, 77, 1E, E8, 59, 48, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, A1, D5, FF, FF, 83, C4, 14, 8B, C6, E9, 9D, 00, 00, 00, 33, C0, 39, 5D, 14, 66, 89, 06, 0F, 95, C0, 40, 39, 45, 0C, 77, 09, E8, 2A, 48, 00, 00, 6A, 22, EB, CF, 8B, 45, 10, 83, C0, FE, 83, F8, 22, 77...
 

Code size:
1010 KB (1,034,240 bytes)

The file FlashTraderClearSetup.exe has been observed being distributed from 8 URLs.
