» install_flashplayer14x32_x66.exe
Overview
Analysis
File Details
Downloads (1)

install_flashplayer14x32_x66.exe

Bass Player

The executable install_flashplayer14x32_x66.exe has been detected as malware by 29 anti-virus scanners. The file has been seen being downloaded from www.hightail.com.

File name:

Product:

Bass Player

Version:

3, 0, 0, 0

MD5:

dfe83034f4c629ce1dd9dfab70311072

SHA-1:

d02920875099d5a74749039b939a5843422b7902

SHA-256:

bd6ab0c3d6e5c7204c635bafe774bf79eea56b915215815aa419e1634904d56d

Scanner detections:

29 / 68

Status:

Malware

Analysis date:

11/23/2024 12:19:14 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Trojan.VB

7.1.1

AhnLab V3 Security

Trojan/Win32.Asprox

2015.10.27

Avira AntiVirus

TR/Crypt.cfi.7956

8.3.2.2

Arcabit

Trojan.Generic.DBFC39C

1.0.0.585

avast!

Win32:Malware-gen

2014.9-160803

AVG

MultiDropper_c

2017.0.2662

Baidu Antivirus

Trojan.Win32.VB

4.0.3.1683

Bitdefender

Trojan.Generic.12567452

1.0.20.1080

Comodo Security

UnclassifiedMalware

23476

Dr.Web

Trojan.Siggen6.31237

9.0.1.0216

Emsisoft Anti-Malware

Trojan.Generic.12567452

8.16.08.03.08

ESET NOD32

Win32/VB.RTN

10.12465

Fortinet FortiGate

W32/VB.CTXV!tr

8/3/2016

F-Prot

W32/Kilim.B.gen

v6.4.7.1.166

F-Secure

Trojan:W32/Bepush.B

11.2016-03-08_4

G Data

Trojan.Generic.12567452

16.8.25

IKARUS anti.virus

Trojan.Win32.VB

t3scan.1.9.5.0

K7 AntiVirus

P2PWorm

13.212.17646

Kaspersky

Trojan.Win32.VB

14.0.0.-194

Malwarebytes

Trojan.PasswordStealer.AHK

v2016.08.03.08

McAfee

RDN/Generic Dropper

5600.6318

Microsoft Security Essentials

Trojan:Win32/Kilim.gen!C

1.1.12205.0

MicroWorld eScan

Trojan.Generic.12567452

17.0.0.648

NANO AntiVirus

Trojan.Win32.VB.dsxifx

0.30.26.3947

nProtect

Trojan.Generic.12567452

15.10.26.01

Panda Antivirus

Trj/Genetic.gen

16.08.03.08

Quick Heal

Trojan.VB.r4

8.16.14.00

Sophos

Mal/Generic-S

4.98

VIPRE Antivirus

Trojan.Win32.Generic

44820

File size:

490.3 KB (502,098 bytes)

Product version:

3, 0, 0, 0

Bass Player

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\install_flashplayer14x32_x66.exe

File PE Metadata

Compilation timestamp:

9/25/2009 8:57:32 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

12288:vNIQAPGsAqY9IMVYd38sJdpQHl0lY8Kf43:oPGSY91VwNJcFiq43

Entry address:

0x42B4F

Entry point:

6A, 60, 68, 88, 1A, 46, 00, E8, AD, 5C, 01, 00, BF, 94, 00, 00, 00, 8B, C7, E8, E9, 56, 01, 00, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, 14, A2, 45, 00, 8B, 4E, 10, 89, 0D, A4, B4, 46, 00, 8B, 46, 04, A3, B0, B4, 46, 00, 8B, 56, 08, 89, 15, B4, B4, 46, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, A8, B4, 46, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, A8, B4, 46, 00, C1, E0, 08, 03, C2, A3, AC, B4, 46, 00, 33, F6, 56, 8B, 3D, 5C, A2, 45, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03... 
[+]

Entropy:

6.6363

Developed / compiled with:

Microsoft Visual C++ v7.0

Code size:

354 KB (362,496 bytes)

The file install_flashplayer14x32_x66.exe has been seen being distributed by the following URL.

https://www.hightail.com/download/.../directDownload&fl=SWhZekZucVh6NEp4TkpCc3Q0dHhkak9yZWt5UmdteDRsUjJuWENHRzVZbz0

Remove install_flashplayer14x32_x66.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.