FLVGuncelle.exe

AOE

The executable FLVGuncelle.exe has been detected as malware by 32 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.showmaskonnn.com and multiple other hosts.
Publisher: AOE
Product: AOE
Version: 105
MD5: 778f73a036a1adb5e9145c2e4f2cde82
SHA-1: 0a1e40dc228acdb3928125e1df473c59d9674fe4
SHA-256: d547ba155b47828cf8f52f805c3ecab1c2ae5dfa9b19f4893b2f3f43c7c5b5e5
Scanner detections: 32 / 68
Status: Malware
Analysis date: 2/26/2025 1:04:49 AM UTC (today)

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Zusy.79036 | 991 |
| Agnitum Outpost | Trojan.Blocker | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Blocker | 14.05.19 |
| Avira AntiVirus | TR/Zusy.79036.24 | 7.11.149.244 |
| avast! | Win32:Ransom-ARZ [Trj] | 2014.9-140519 |
| AVG | Pakes_c | 2015.0.3469 |
| Baidu Antivirus | Trojan.Win32.Bepush | 4.0.3.14519 |
| Bitdefender | Gen:Variant.Zusy.79036 | 1.0.20.695 |
| Comodo Security | UnclassifiedMalware | 18281 |
| Dr.Web | Trojan.DownLoader11.8516 | 9.0.1.0139 |
| Emsisoft Anti-Malware | Gen:Variant.Zusy.79036 | 8.14.05.19.12 |
| ESET NOD32 | MSIL/Bepush (variant) | 8.9806 |
| Fortinet FortiGate | W32/Bepush.G!tr | 5/19/2014 |
| F-Secure | Gen:Variant.Zusy.79036 | 11.2014-19-05_2 |
| G Data | Gen:Variant.Zusy.79036 | 14.5.24 |
| IKARUS anti.virus | Trojan-Dropper.MSIL | t3scan.1.6.1.0 |
| K7 AntiVirus | Trojan | 13.177.12101 |
| Kaspersky | Trojan-Ransom.Win32.Blocker | 14.0.0.3842 |
| Malwarebytes | Trojan.Downloader.MSIL | v2014.05.19.12 |
| McAfee | Artemis!778F73A036A1 | 5600.7125 |
| Microsoft Security Essentials | TrojanDropper:MSIL/Bepush | 1.10502 |
| MicroWorld eScan | Gen:Variant.Zusy.79036 | 15.0.0.417 |
| Norman | Suspicious_Gen4.GHJMM | 11.20140519 |
| nProtect | Trojan/W32.Blocker.333312.D | 14.05.15.01 |
| Panda Antivirus | Trj/CI.A | 14.05.19.12 |
| Qihoo 360 Security | Win32/Trojan.98e | 1.0.0.1015 |
| Quick Heal | TrojanRansom.Blocker.r3 | 5.14.14.00 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_GEN.F0C2H00E914 | 7.2.139 |
| Trend Micro | TROJ_BEPUSH.SM | 10.465.19 |
| VIPRE Antivirus | Trojan.Win32.Generic | 29260 |

File size: 325.5 KB (333,312 bytes)
Product version: 105
Copyright: Copyright © 2014
Trademarks: AOE
Original file name: FLVGuncelle.exe
File type: Executable application (Win32 EXE)
Language: Language Neutral
Common path: C:\users\{user}\downloads\flvguncelle.exe

File PE Metadata
Compilation timestamp: 5/7/2014 3:26:33 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 8.0
.NET CLR dependent: Yes
CTPH (ssdeep): 6144:nUy4vNhuzlVL7RRcXdh+vn2KZrtfrw/OEx+4MXVyLURjU8:nU/UrPcXdhSBfrWOC+PVLR4
Entry address: 0x5164A
Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with: Microsoft Visual C# / Basic .NET
Code size: 318 KB (325,632 bytes)

The file FLVGuncelle.exe has been seen being distributed by the following 2 URLs.
