» grammar_workout_level_1.exe
Overview
Analysis
File Details

grammar_workout_level_1.exe

My Flash Projector

Macmillan Publishers Ltd

The executable grammar_workout_level_1.exe, “My Flash Application ” has been detected as malware by 3 anti-virus scanners.

File name:

Publisher:

Multidmedia Limited (signed by Macmillan Publishers Ltd)

Product:

My Flash Projector

Description:

My Flash Application

Version:

1.0.0.0

MD5:

1c437b1887361c9e1552ed0e9c71d13e

SHA-1:

4631d9d69985a7779f2e9b99c0115d0ff330648b

SHA-256:

fe0547952a05a1522dc9e67ce5f123772d6fd6fa281c32cc7a9b50b3c8b3ecd6

Scanner detections:

3 / 68

Status:

Malware

Analysis date:

11/24/2024 10:01:45 PM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/Floxif.H virus

6.3.12010.0

F-Prot

W32/Floxif.B

4.6.5.141

Microsoft Security Essentials

TrojanDropper:Win32/Floxif.A

1.233.1442.0

File size:

5.2 MB (5,458,885 bytes)

Product version:

1.0.0.0

Multidmedia Limited

Trademarks:

Original file name:

GrammrGoals

File type:

Executable application (Win32 EXE)

Language:

English (United Kingdom)

Digital Signature

Signed by:

Macmillan Publishers Ltd

Authority:

Thawte, Inc.

Valid from:

4/10/2013 7:00:00 AM

Valid to:

4/15/2015 6:59:59 AM

Subject:

CN=Macmillan Publishers Ltd, OU=Macmillan Education, O=Macmillan Publishers Ltd, L=Oxford, S=Oxfordshire, C=GB

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

0E40CAB76F70405D6E182433899996A1

File PE Metadata

Compilation timestamp:

7/24/2010 3:43:43 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

98304:83qvNUuBLIo3djwcRq83xZPJLWp2U8+Rp/fYfjjBO4DUyY0PrQx3oE4E6mUVB:84vLd3lvfPhpD2GUrqc3oc6my

Entry address:

0x6F58C0

Entry point:

E9, 23, 82, D9, FF, 00, 8D, BE, 00, F0, CC, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75... 
[+]

Entropy:

7.7810

Packer / compiler:

Xtreme-Protector v1.05

Code size:

3.8 MB (3,948,544 bytes)

Remove grammar_workout_level_1.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.