» FLVUpdate.exe
Overview
Analysis
File Details
Downloads (1)

FLVUpdate.exe

AOE

The executable FLVUpdate.exe has been detected as malware by 34 anti-virus scanners. The file has been seen being downloaded from canliizle.in.

File name:

FLVUpdate.exe

Publisher:

AOE

Product:

AOE

Version:

773

MD5:

c51ca6d7d8158790d9244a40fa7c55b0

SHA-1:

38d1fe36bae99a8ad56d5686353763607d9d9565

SHA-256:

b5d68dfb74fc2954823349ce445e5ab624e2798a9d213ef002c71fdd4977b8a7

Scanner detections:

34 / 68

Status:

Malware

Analysis date:

11/27/2024 8:54:37 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Trojan.Heur.IEC.856e41075b2

191

AegisLab AV Signature

Troj.Ransom.W32.Blocker.erqe!c

2.1.4+

Agnitum Outpost

Trojan.Blocker

7.1.1

AhnLab V3 Security

Trojan/Win32.Blocker.N1186310646

3.7.4.14

Avira AntiVirus

TR/Strictor.48995.5

8.3.3.4

avast!

Win32:Dropper-NYB [Drp]

2014.9-160727

AVG

Generic36

2017.0.2669

Baidu Antivirus

Win32.Trojan.WisdomEyes.151026.9950

4.0.3.16727

Bitdefender

Gen:Trojan.Heur.IEC.856e41075b2

1.0.20.1045

Comodo Security

UnclassifiedMalware

25351

Dr.Web

Trojan.DownLoader11.13969

9.0.1.0209

Emsisoft Anti-Malware

Gen:Trojan.Heur.IEC.856e41075b2

8.16.07.27.04

ESET NOD32

MSIL/Bepush (variant)

10.13721

Fortinet FortiGate

MSIL/Bepush.E!tr

7/27/2016

F-Secure

Gen:Trojan.Heur.IEC.856e41075b2

11.2016-27-07_4

G Data

Gen:Trojan.Heur.IEC.856e41075b2

16.7.25

IKARUS anti.virus

Trojan.MSIL.Bepush

t3scan.2.1.6.0

K7 AntiVirus

Trojan

13.231.20070

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.-158

Malwarebytes

Trojan.Injector.MSIL

v2016.07.27.04

McAfee

RDN/Generic.tfr!dz

5600.6325

Microsoft Security Essentials

Trojan:MSIL/Bepush.gen!A

1.1.12805.0

MicroWorld eScan

Gen:Trojan.Heur.IEC.856e41075b2

17.0.0.627

NANO AntiVirus

Trojan.Win32.Blocker.datgwn

1.0.38.8984

nProtect

Trojan/W32.Blocker.206848.E

16.06.28.01

Panda Antivirus

Trj/CI.A

16.07.27.04

Qihoo 360 Security

Win32/Trojan.1e6

1.0.0.1120

Quick Heal

TrojanRansom.Blocker.r3

7.16.14.00

Sophos

Mal/Generic-S

4.98

Trend Micro House Call

TROJ_SPNR.35FJ14

7.2.209

Trend Micro

TROJ_SPNR.35FJ14

10.465.27

VIPRE Antivirus

Trojan.Win32.Generic.pak!cobra

50456

ViRobot

Trojan.Win32.S.Agent.206848.AE[h]

2014.3.20.0

Zillya! Antivirus

Trojan.Blocker.Win32.19004

2.0.0.2932

File size:

202 KB (206,848 bytes)

Product version:

773

Trademarks:

AOE

Original file name:

FLVUpdate.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\flvupdate.exe

File PE Metadata

Compilation timestamp:

5/23/2014 6:45:12 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

3072:rkocNolZTaH0tw3HmXOwJNVoUZTaH0t71HmiOwFN07ZTaH0taYHmxqAFNCoZTaHL:sNMa1yNzawFNSaYUNnaZ

Entry address:

0x329FA

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 03, 00, 03, 00, 00, 00, 28, 00, 00, 80, 0E, 00, 00, 00, A0, 15, 00, 80, 10, 00, 00, 00, FE, 15, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 02, 00, 00, 00, 48, 00, 00, 80, 03, 00, 00, 00, 14, 11, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 60, 00, 00, 00, 6C, 40, 03, 00, A8, 10, 00, 00, 00, 00, 00, 00, 28, 00, 00, 00, 20, 00, 00, 00, 40, 00, 00, 00, 01, 00... 
[+]

Entropy:

5.9904

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

194.5 KB (199,168 bytes)

The file FLVUpdate.exe has been seen being distributed by the following URL.

http://canliizle.in/dl.php

Remove FLVUpdate.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.