home

FlyMusic.exe

Address Finder

The application FlyMusic.exe has been detected as a potentially unwanted program by 27 anti-malware scanners. The file has been seen being downloaded from www.1flymusic.com.
Publisher:
Address Finder

Product:
Address Finder

Description:
Simple Type

Version:
3.00.0001

MD5:
f664d2844a05d1b9db6ccc65d01e6094

SHA-1:
1b412549844e2646d7915919232ee35deb50b7b7

SHA-256:
97d8dd51f574ba0f5d651c919aa1b56e510588bb36a17913ff5da83bafd98316

Scanner detections:
27 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 1:16:57 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.13082059
254

Agnitum Outpost
Riskware.Hoax
7.1.1

Avira AntiVirus
JOKE/Agent.270336
8.3.1.6

avast!
Win32:Malware-gen
2014.9-160525

Baidu Antivirus
Trojan.Win32.BadJoke
4.0.3.16525

Bitdefender
Trojan.Generic.13082059
1.0.20.730

Comodo Security
UnclassifiedMalware
22198

Emsisoft Anti-Malware
Trojan.Generic.13082059
8.16.05.25.03

Fortinet FortiGate
W32/GenericR.DFT!tr
5/25/2016

F-Secure
Trojan.Generic.13082059
11.2016-25-05_4

G Data
Trojan.Generic.13082059
16.5.25

IKARUS anti.virus
Hoax.Win32.Agent
t3scan.1.8.9.0

K7 AntiVirus
Riskware
13.204.15985

Kaspersky
Hoax.Win32.Agent
14.0.0.157

McAfee
GenericR-DFT!F664D2844A05
5600.6388

MicroWorld eScan
Trojan.Generic.13082059
17.0.0.438

NANO AntiVirus
Riskware.Win32.Agent.dqtrzw
0.30.24.1636

Norman
Suspicious_Gen2.WCTAH
11.20160525

nProtect
Trojan.Generic.13082059
15.05.21.01

Panda Antivirus
Trj/CI.A
16.05.25.03

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1015

Rising Antivirus
PE:Malware.XPACK-HIE/Heur!1.9C48
23.00.65.16523

Sophos
Generic PUA BL
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-Agent
9122

Trend Micro House Call
TROJ_GEN.R00UC0ECV15
7.2.146

Trend Micro
TROJ_GEN.R00UC0ECV15
10.465.25

VIPRE Antivirus
Trojan.Win32.Generic.pak!cobra
40430

File size:
264 KB (270,336 bytes)

Product version:
3.00.0001

Copyright:
address.finder.sell@gmail.com

Trademarks:
majidas2006@gmail.com

Original file name:
FlyMusic.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\flymusic.exe

File PE Metadata
Compilation timestamp:
3/18/2015 10:23:38 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:G5rvenmt2AiqfcJwk10rmt2Aiq62AiqIx:yvenmgAiqfcyi0rmgAiqnAiqIx

Entry address:
0x1498

Entry point:
68, 6C, 92, 41, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 50, 00, 00, 00, 40, 00, 00, 00, 18, E5, 76, AD, C9, 43, 74, 4A, AF, 02, 77, F0, 4F, DC, E2, 7B, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 41, 64, 64, 72, 65, 73, 73, 46, 69, 6E, 64, 65, 72, 56, 33, 00, 53, 69, 6D, 70, 6C, 65, 20, 54, 79, 70, 65, 00, 00, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 06, A6, F1, D5, 63, A4, 94, 36, 40, 91, 09, EE, 17, BA, 5A, 82, FF, 91, 55, B3, AD, A5, 5E, D6, 4F, A6, E9, B8...
 
[+]

Entropy:
6.2587

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
200 KB (204,800 bytes)

The file FlyMusic.exe has been seen being distributed by the following URL.

http://www.1flymusic.com/.../FlyMusic.exe

Remove FlyMusic.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.