grammar_workout_level_1.exe

My Flash Projector

Macmillan Publishers Ltd

The executable grammar_workout_level_1.exe, “My Flash Application ” has been detected as malware by 3 anti-virus scanners.
Publisher:
Multidmedia Limited   (signed by Macmillan Publishers Ltd)

Product:
My Flash Projector

Description:
My Flash Application

Version:
1.0.0.0

MD5:
1c437b1887361c9e1552ed0e9c71d13e

SHA-1:
4631d9d69985a7779f2e9b99c0115d0ff330648b

SHA-256:
fe0547952a05a1522dc9e67ce5f123772d6fd6fa281c32cc7a9b50b3c8b3ecd6

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
11/24/2024 10:01:45 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Floxif.H virus
6.3.12010.0

F-Prot
W32/Floxif.B
4.6.5.141

Microsoft Security Essentials
TrojanDropper:Win32/Floxif.A
1.233.1442.0

File size:
5.2 MB (5,458,885 bytes)

Product version:
1.0.0.0

Copyright:
Multidmedia Limited

Trademarks:
Copyright 2010 Multidmedia Limited

Original file name:
GrammrGoals

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Digital Signature
Authority:
Thawte, Inc.

Valid from:
4/10/2013 7:00:00 AM

Valid to:
4/15/2015 6:59:59 AM

Subject:
CN=Macmillan Publishers Ltd, OU=Macmillan Education, O=Macmillan Publishers Ltd, L=Oxford, S=Oxfordshire, C=GB

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
0E40CAB76F70405D6E182433899996A1

File PE Metadata
Compilation timestamp:
7/24/2010 3:43:43 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
98304:83qvNUuBLIo3djwcRq83xZPJLWp2U8+Rp/fYfjjBO4DUyY0PrQx3oE4E6mUVB:84vLd3lvfPhpD2GUrqc3oc6my

Entry address:
0x6F58C0

Entry point:
E9, 23, 82, D9, FF, 00, 8D, BE, 00, F0, CC, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75...
 
[+]

Entropy:
7.7810

Packer / compiler:
Xtreme-Protector v1.05

Code size:
3.8 MB (3,948,544 bytes)

Remove grammar_workout_level_1.exe - Powered by Reason Core Security