shockwave_installer_slim.exe

Adobe Shockwave Player

Adobe Systems Incorporated

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from 202.65.242.9 and multiple other hosts.
Publisher:
Adobe Systems Inc.  (signed by Adobe Systems Incorporated)

Product:
Adobe Shockwave Player

Version:
12.0.5.146

MD5:
a81e3d5e7c21569a3c28b683f679eb07

SHA-1:
c909de13230083db07f7f73b8ee9cfc2f096d8c9

SHA-256:
6266e574ff12143db64433ba424d4a6d0cc131cf71e921016a38ede193f52f10

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 3:28:55 PM UTC  (today)

File size:
4.7 MB (4,897,880 bytes)

Copyright:
© Adobe Systems Inc 1985-2012

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\shockwave_installer_slim.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
2/27/2013 9:00:00 PM

Valid to:
3/1/2014 8:59:59 PM

Subject:
CN=Adobe Systems Incorporated, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=Shockwave Player, O=Adobe Systems Incorporated, L=San Jose, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5D3841BF447916AC15B84DD176B2A358

File PE Metadata
Compilation timestamp:
1/28/2009 5:42:44 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:z58FSLo2YaImPovU7xEHUQ0VDpJEpO/LMX/CBnTY6YM0xYKSC4OYXj:z58yPn7xEHNwpb/I/gTgM0x1SC4rXj

Entry address:
0x3542

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 84, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, B0, 82, 40, 00, 6A, 08, A3, 98, 06, 47, 00, E8, 64, 27, 00, 00, 55, 68, B4, 02, 00, 00, A3, B0, 05, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 86, 40, 00, FF, 15, 80, 81, 40, 00, 68, 04, 86, 40, 00, 68, A0, 85, 46, 00, E8, 32, 26, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 10, 4C, 00, 57, E8, 20, 26, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
25 KB (25,600 bytes)

The file shockwave_installer_slim.exe has been discovered within the following program.

360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
 
Powered by Should I Remove It?

The file shockwave_installer_slim.exe has been seen being distributed by the following 4 URLs.

http://202.65.242.9/.../Shockwave_Installer_Slim.exe