flvplayer.exe

Tomb Raider: Anniversary

Eidos Inc.

The executable flvplayer.exe has been detected as malware by 30 anti-virus scanners. The file has been seen being downloaded from download1120.mediafire.com.
Publisher:
Eidos Inc.

Product:
Tomb Raider: Anniversary

Version:
1.0.9

MD5:
3a288f1235ca86c38d7f454f97a000e0

SHA-1:
e29fdd85e2de40789686112764d3023f3194a192

SHA-256:
6df5798d3a5d4fc9fedff588088acb49a625eb4d1df35af30dbc27852f3c119c

Scanner detections:
30 / 68

Status:
Malware

Analysis date:
11/5/2024 2:32:47 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Trojan.GenericKD.1635856 | 216
AegisLab AV Signature | Troj.W32.Gen | 2.1.4+
Agnitum Outpost | Trojan.Blocker | 7.1.1
AhnLab V3 Security | Spyware/Win32.ActualSpy | 2014.07.12
Avira AntiVirus | TR/Changeling.A.2032 | 7.11.160.46
avast! | Win32:Dropper-gen [Drp] | 2014.9-160702
AVG | MSIL3 | 2017.0.2694
Baidu Antivirus | Trojan.Win32.ZBot | 4.0.3.1672
Bitdefender | Trojan.GenericKD.1635856 | 1.0.20.920
Comodo Security | UnclassifiedMalware | 18844
Dr.Web | Trojan.Inject1.41622 | 9.0.1.0184
Emsisoft Anti-Malware | Trojan.GenericKD.1635856 | 8.16.07.02.12
Fortinet FortiGate | W32/Blocker.EGHT!tr | 7/2/2016
F-Secure | Trojan.GenericKD.1635856 | 11.2016-02-07_7
G Data | Trojan.GenericKD.1635856 | 16.7.24
IKARUS anti.virus | Trojan.SuspectCRC | t3scan.1.6.1.0
K7 AntiVirus | Trojan | 13.180.12701
Kaspersky | Trojan-Ransom.Win32.Blocker | 14.0.0.-33
McAfee | RDN/Ransom!ee | 5600.6350
MicroWorld eScan | Trojan.GenericKD.1635856 | 17.0.0.552
NANO AntiVirus | Trojan.Win32.Blocker.cwsspy | 0.28.0.60698
Norman | Troj_Generic.TPHME | 11.20160702
nProtect | Trojan.GenericKD.1635856 | 14.07.11.01
Panda Antivirus | Generic Malware | 16.07.02.12
Qihoo 360 Security | HEUR/Malware.QVM03.Gen | 1.0.0.1015
Quick Heal | TrojanRansom.Blocker.r3 | 7.16.14.00
Trend Micro House Call | TROJ_GEN.R0CBC0FDR14 | 7.2.184
Trend Micro | TROJ_GEN.R0CBC0FDR14 | 10.465.02
VIPRE Antivirus | Trojan.Win32.Generic | 31178
Zillya! Antivirus | Trojan.Blocker.Win32.16692 | 2.0.0.1855

File size:
293.5 KB (300,544 bytes)

Product version:
1.0.9

Copyright:
Copyright (C) 2007 Eidos Inc.

Trademarks:
Crystal Dynamics(R), the Crystal Dynamics(R) logo and the Eidos(R) logo are registered trademarks of the Eidos Group of Companies

Original file name:
47.exe

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
4/7/2014 8:52:31 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:86g8v4dbtYzMKHBqHjPicIJd7XqP7XL49Y5ggogXjvrZzouncvh9GMlXxSti:BGF0BqDPicIJ1KXL+Yevh9GMlXEti

Entry address:
0x1B0FE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
7.2649

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
100.5 KB (102,912 bytes)

The file flvplayer.exe has been seen being distributed by the following URL.

Remove flvplayer.exe - Powered by Reason Core Security