× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 2ec28adb1c14e7fefd24d47e563f28fda9e9d70b61491101e7c2fc90685885ce
File name: ecdafb914eaa5caf7b5274c3940ed4ac92bd08ae
Detection ratio: 45 / 48
Analysis date: 2013-09-25 20:41:15 UTC ( 5 years, 4 months ago )
Antivirus Result Update
Yandex Win32.Virut.AB.Gen 20130925
AhnLab-V3 Win32/Virut.E 20130925
AntiVir W32/Virut.Gen 20130925
Avast Win32:Scribble 20130925
AVG Win32/Virut 20130925
Baidu-International Virus.Win32.Virut.$ce 20130925
BitDefender Win32.Virtob.Gen.12 20130925
Bkav W32.VetorX5_LtkC3.PE 20130925
ByteHero Trojan.Malware.Obscu.Gen.002 20130920
CAT-QuickHeal W32.Virut.G 20130925
Commtouch W32/Ramnit.H.gen!Eldorado 20130925
Comodo Virus.Win32.Virut.CE 20130925
DrWeb Win32.Virut.56 20130925
Emsisoft Win32.Virtob.Gen.12 (B) 20130925
ESET-NOD32 Win32/Virut.NBP 20130925
F-Prot W32/Ramnit.H.gen!Eldorado 20130925
F-Secure Win32.Virtob.Gen.12 20130925
Fortinet W32/Zbot.DI!tr 20130925
GData Win32.Virtob.Gen.12 20130925
Ikarus Virus.Win32.Heri 20130925
Jiangmin Win32/Virut.bv 20130903
K7AntiVirus Virus 20130925
K7GW Virus 20130925
Kaspersky Trojan-Spy.Win32.Zbot.dnkl 20130925
Kingsoft Win32.Troj.Zbot.(kcloud) 20130829
Malwarebytes Spyware.Passwords.XGen 20130925
McAfee W32/Ramnit.dr 20130925
McAfee-GW-Edition W32/Ramnit.dr 20130925
Microsoft Virus:Win32/Virut.gen!epo 20130925
eScan Win32.Virtob.Gen.12 20130925
NANO-Antivirus Trojan.Win32.Ramnit.ccmemx 20130925
Norman Ramnit.Y 20130925
Panda Trj/Pck_Pretorx.A 20130925
PCTools HeurEngine.Protexor 20130925
Rising Win32.Virut.dw 20130925
Sophos AV W32/Scribble-B 20130925
SUPERAntiSpyware Trojan.Agent/Gen-Kryptik 20130925
Symantec Packed.Protexor!gen1 20130925
TheHacker W32/Virtob.Gen(F) 20130924
TotalDefense Win32/Virut.17408 20130925
TrendMicro WORM_PALEVO.SMGD 20130925
TrendMicro-HouseCall WORM_PALEVO.SMGD 20130925
VBA32 Malware-Cryptor.Win32.General.4 20130925
VIPRE Virus.Win32.Virut.ce.6 (v) 20130925
ViRobot Win32.Virut.AL 20130925
Antiy-AVL 20130925
ClamAV 20130925
nProtect 20130925
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
FileVersionInfo properties
Copyright
Copyright © 1996-2003 Macromedia, Inc.

Publisher Macromedia, Inc.
Product Shockwave Flash
Version 7,0,14,0
Original name SAFlashPlayer.exe
Internal name Macromedia Flash Player 7.0
File version 7,0,14,0
Description Macromedia Flash Player 7.0 r14
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2001-11-09 05:13:35
Entry Point 0x000010FC
Number of sections 5
PE sections
PE imports
GetDeviceCaps
DefineDosDeviceW
lstrlenA
GetFileAttributesA
GetOEMCP
SetConsoleTextAttribute
GlobalUnlock
lstrcpyW
IsDBCSLeadByte
GetSystemDirectoryA
RemoveDirectoryA
GetShortPathNameA
GetCurrentProcess
CompareFileTime
GetPrivateProfileStringA
WritePrivateProfileStringA
lstrcatA
GetPrivateProfileIntA
CreateDirectoryA
DeleteFileA
GetWindowsDirectoryA
UnhandledExceptionFilter
_llseek
GetLogicalDrives
GlobalLock
_lclose
lstrcmpiA
lstrcmpA
FindFirstFileA
lstrcpyA
_lopen
GetComputerNameExW
FindNextFileA
ExitThread
ExpandEnvironmentStringsA
SetFileAttributesA
LocalFree
GetModuleFileNameA
OutputDebugStringW
SetConsoleMenuClose
GlobalAlloc
SearchPathA
FindClose
GetProcAddress
GetSystemMetrics
LoadStringA
EndDialog
SetDlgItemTextA
GetDesktopWindow
MessageBeep
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
GERMAN 2
CZECH DEFAULT 1
PE resources
File identification
MD5 29fae7d02bfa105090c680e89d5451f7
SHA1 0734e59dad1c4c902f3850103f0ab969e492745c
SHA256 2ec28adb1c14e7fefd24d47e563f28fda9e9d70b61491101e7c2fc90685885ce
ssdeep
1536:UpkAwHxzZh2UXYmvdRmSZad2jN0RAtftaRHvk7yFznUWwo6Fz:ekAwRzhjdRmSZiAXVa5nQ

File size 87.0 KB ( 89088 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.1%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe

VirusTotal metadata
First submission 2013-09-25 20:41:15 UTC ( 5 years, 4 months ago )
Last submission 2013-09-25 20:41:15 UTC ( 5 years, 4 months ago )
File names Macromedia Flash Player 7.0
SAFlashPlayer.exe
ecdafb914eaa5caf7b5274c3940ed4ac92bd08ae
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Created processes
Opened mutexes
Runtime DLLs