SHA256: 6e16f016cc05fb79aacaa626cb48d5b28ff1d59958aeb63a60620b94d831af5f
File name: flash-player-1405-jetelecharge.exe
Detection ratio: 0 / 68
Analysis date: 2018-08-29 02:01:36 UTC ( 6 months, 4 weeks ago )
Antivirus Result Update
Ad-Aware 20180829
AegisLab 20180829
AhnLab-V3 20180828
Alibaba 20180713
ALYac 20180829
Antiy-AVL 20180829
Arcabit 20180829
Avast 20180829
Avast-Mobile 20180828
AVG 20180829
Avira (no cloud) 20180829
AVware 20180823
Babable 20180822
Baidu 20180828
BitDefender 20180829
Bkav 20180828
CAT-QuickHeal 20180828
ClamAV 20180828
CMC 20180828
Comodo 20180829
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20180829
Cyren 20180829
DrWeb 20180829
eGambit 20180829
Emsisoft 20180828
Endgame 20180730
ESET-NOD32 20180828
F-Prot 20180828
F-Secure 20180829
Fortinet 20180828
GData 20180829
Ikarus 20180828
Sophos ML 20180717
Jiangmin 20180829
K7AntiVirus 20180828
K7GW 20180828
Kaspersky 20180829
Kingsoft 20180829
Malwarebytes 20180828
MAX 20180829
McAfee 20180829
McAfee-GW-Edition 20180828
Microsoft 20180828
eScan 20180828
NANO-Antivirus 20180828
Palo Alto Networks (Known Signatures) 20180829
Panda 20180828
Qihoo-360 20180829
Rising 20180828
SentinelOne (Static ML) 20180701
Sophos AV 20180829
SUPERAntiSpyware 20180829
Symantec 20180829
Symantec Mobile Insight 20180822
TACHYON 20180829
Tencent 20180829
TheHacker 20180824
TotalDefense 20180828
TrendMicro 20180828
TrendMicro-HouseCall 20180828
Trustlook 20180829
VBA32 20180828
VIPRE 20180828
ViRobot 20180828
Webroot 20180829
Yandex 20180827
Zillya 20180828
ZoneAlarm by Check Point 20180828
Zoner 20180828
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright © 1996-2018 Adobe Systems Incorporated

Product Adobe® Flash® Player Installer/Uninstaller
Original name FlashUtil.exe
Internal name Adobe® Flash® Player Installer/Uninstaller 30.0
File version 30,0,0,154
Description Adobe® Flash® Player Installer/Uninstaller 30.0 r0
Signature verification Signed file, verified signature
Signing date 3:02 AM 7/28/2018
Signers
[+] Adobe Systems Incorporated
Status Valid
Issuer DigiCert EV Code Signing CA (SHA2)
Valid from 2:00 AM 3/15/2017
Valid to 2:00 PM 3/20/2019
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 2E419CCC647F94FE0DFC5460D0740B93D3572E54
Serial number 06 F0 47 88 03 10 55 D3 1D EF FE FC D0 26 D6 C5
[+] DigiCert EV Code Signing CA (SHA2)
Status Valid
Issuer DigiCert High Assurance EV Root CA
Valid from 2:00 PM 4/18/2012
Valid to 2:00 PM 4/18/2027
Valid usage Code Signing
Algorithm sha256RSA
Thumbprint 60EE3FC53D4BDFD1697AE5BEAE1CAB1C0F3AD4E3
Serial number 03 F1 B4 E1 5F 3A 82 F1 14 96 78 B3 D7 D8 47 5C
[+] DigiCert
Status Valid
Issuer DigiCert High Assurance EV Root CA
Valid from 2:00 AM 11/10/2006
Valid to 2:00 AM 11/10/2031
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing
Algorithm sha1RSA
Thumbprint 5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25
Serial number 02 AC 5C 26 6A 0B 40 9B 8F 0B 79 F2 AE 46 25 77
Counter signers
[+] Symantec SHA256 TimeStamping Signer - G2
Status Valid
Issuer Symantec SHA256 TimeStamping CA
Valid from 2:00 AM 1/2/2017
Valid to 1:59 AM 4/2/2028
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbprint 625AEC3AE4EDA1D169C4EE909E85B3BBC61076D3
Serial number 54 58 F2 AA D7 41 D6 44 BC 84 A9 7B A0 96 52 E6
[+] Symantec SHA256 TimeStamping CA
Status Valid
Issuer VeriSign Universal Root Certification Authority
Valid from 2:00 AM 1/12/2016
Valid to 1:59 AM 1/12/2031
Valid usage Timestamp Signing
Algorithm sha256RSA
Thumbprint 6FC9EDB5E00AB64151C1CDFCAC74AD2C7B7E3BE4
Serial number 7B 05 B1 D4 49 68 51 44 F7 C9 89 D2 9C 19 9D 12
[+] VeriSign Universal Root Certification Authority
Status Valid
Issuer VeriSign Universal Root Certification Authority
Valid from 2:00 AM 4/2/2008
Valid to 1:59 AM 12/2/2037
Valid usage Server Auth, Client Auth, Email Protection, Code Signing, Timestamp Signing
Algorithm sha256RSA
Thumbprint 3679CA35668772304D30A5FB873B0FA77BB70D54
Serial number 40 1A C4 64 21 B3 13 21 03 0E BB E4 12 1A C5 1D
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2018-07-27 22:44:05
Entry Point 0x00027BA8
Number of sections 6
PE sections
Overlays
MD5 444add3d34d1b0ba25798f1987bc9a52
File type data
Offset 21352960
Size 7640
Entropy 7.26
PE imports
RegCreateKeyExW
CloseServiceHandle
RegDeleteValueW
CryptReleaseContext
RegCloseKey
RegSetValueExW
FreeSid
CryptGetHashParam
RegQueryValueExA
OpenSCManagerW
RegEnumKeyExW
RegOpenKeyExW
CheckTokenMembership
OpenServiceW
RegSetValueExA
ControlService
AllocateAndInitializeSid
RegOpenKeyExA
CryptHashData
RegQueryValueExW
DeleteDC
SetBkMode
CreateFontA
BitBlt
CreateCompatibleBitmap
GetTextExtentExPointW
CreateSolidBrush
SelectObject
CreateDIBSection
CreateCompatibleDC
DeleteObject
StretchBlt
SetTextColor
SetThreadLocale
GetStdHandle
ReleaseMutex
WaitForSingleObject
FindNextFileA
EncodePointer
QueueUserAPC
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
LocalAlloc
FreeEnvironmentStringsW
InitializeSListHead
SetStdHandle
GetCPInfo
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetExitCodeProcess
LocalFree
OutputDebugStringW
FindClose
InterlockedDecrement
SetFileAttributesW
GetEnvironmentVariableW
SetLastError
GetUserDefaultUILanguage
GetSystemTime
TlsGetValue
CopyFileW
LoadResource
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
FlushFileBuffers
GetModuleFileNameA
GetFileAttributesW
RaiseException
UnhandledExceptionFilter
LoadLibraryExW
MultiByteToWideChar
SetFilePointerEx
GlobalAddAtomW
CreateThread
MoveFileExW
GetSystemDirectoryW
SetUnhandledExceptionFilter
CreateMutexW
IsProcessorFeaturePresent
GetSystemDirectoryA
DecodePointer
TerminateProcess
GetModuleHandleExW
SetCurrentDirectoryW
ReadConsoleW
SetWaitableTimer
LeaveCriticalSection
WriteConsoleW
CreateToolhelp32Snapshot
GetSystemWow64DirectoryW
InitializeCriticalSectionAndSpinCount
HeapFree
EnterCriticalSection
LoadLibraryW
GetOEMCP
QueryPerformanceCounter
TlsAlloc
GetVersionExA
LoadLibraryA
RtlUnwind
ExitThread
FreeLibrary
GetFileSize
OpenProcess
GetStartupInfoW
CreateDirectoryW
DeleteFileW
GetProcAddress
GetProcessHeap
GetTempFileNameW
CreateWaitableTimerW
GetFileSizeEx
RemoveDirectoryW
FindFirstFileExA
FindNextFileW
GetCurrentThreadId
FindFirstFileW
DuplicateHandle
CreateFileW
GetFileType
TlsSetValue
ExitProcess
InterlockedIncrement
GetLastError
SystemTimeToFileTime
LCMapStringW
GetConsoleCP
GetThreadLocale
GetEnvironmentStringsW
Process32NextW
SizeofResource
GetCurrentDirectoryW
GetCurrentProcessId
LockResource
GetCommandLineW
WideCharToMultiByte
HeapSize
GetCommandLineA
Process32FirstW
SetEndOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
SetDllDirectoryW
GetACP
GetModuleHandleW
FreeResource
IsValidCodePage
FindResourceW
CreateProcessW
Sleep
FindResourceA
SysFreeString
VariantInit
VariantClear
SysAllocString
SHGetFolderPathW
SHFileOperationW
ShellExecuteW
ShellExecuteExW
Ord(680)
CommandLineToArgvW
MapWindowPoints
RegisterClassExW
GetForegroundWindow
GetParent
GetPropW
BeginPaint
GetMessageW
DefWindowProcW
MoveWindow
PostQuitMessage
ShowWindow
SetPropW
SetWindowLongW
MessageBoxW
GetWindowRect
EndPaint
SetCapture
ReleaseCapture
SetWindowPos
TranslateMessage
GetWindow
PostMessageW
GetDC
GetKeyState
ReleaseDC
LoadStringW
SetWindowTextW
DrawTextW
DispatchMessageW
ClientToScreen
SetRect
InvalidateRect
SetTimer
CallWindowProcW
FillRect
GetClientRect
LoadCursorW
CreateWindowExW
GetWindowLongW
SetForegroundWindow
DestroyWindow
SetCursor
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateGuid
CoCreateInstance
CoInitializeSecurity
StringFromGUID2
Number of PE resources by type
RT_STRING 112
RT_RCDATA 10
RT_ICON 7
LZMG 1
TYPELIB 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 11
NEUTRAL 10
ENGLISH CAN 8
TURKISH DEFAULT 7
SWEDISH NEUTRAL 7
GERMAN 7
CHINESE TRADITIONAL 7
DUTCH 7
FRENCH 7
CHINESE SIMPLIFIED 7
PORTUGUESE BRAZILIAN 7
JAPANESE DEFAULT 7
SPANISH MODERN 7
POLISH DEFAULT 7
CZECH DEFAULT 7
RUSSIAN 7
KOREAN 7
ITALIAN 7
PE resources
Debug information
ExifTool file metadata
LegalTrademarks
Adobe Flash Player

SubsystemVersion
5.1

InitializedDataSize
21078528

ImageVersion
0.0

ProductName
Adobe Flash Player Installer/Uninstaller

FileVersionNumber
30.0.0.154

UninitializedDataSize
0

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
14.0

FileTypeExtension
exe

OriginalFileName
FlashUtil.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
30,0,0,154

TimeStamp
2018:07:28 00:44:05+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
Adobe Flash Player Installer/Uninstaller 30.0

ProductVersion
30,0,0,154

FileDescription
Adobe Flash Player Installer/Uninstaller 30.0 r0

OSVersion
5.1

FileOS
Win32

LegalCopyright
Copyright 1996-2018 Adobe Systems Incorporated

MachineType
Intel 386 or later, and compatibles

CompanyName
Adobe Systems Incorporated

CodeSize
273408

FileSubtype
0

ProductVersionNumber
30.0.0.154

EntryPoint
0x27ba8

ObjectFileType
Dynamic link library

File identification
MD5 7ee242d96268a66470d650652d8a6972
SHA1 335bb9fbf36e9865625d198221890b8f999aa70e
SHA256 6e16f016cc05fb79aacaa626cb48d5b28ff1d59958aeb63a60620b94d831af5f
ssdeep
393216:tCIG1Bu4wBSCvWBr4HtGVjqgZcjntO5XHnGq75FH6Delev8jBhT:Vcu4dwI8gZcGGqDHCSevmT

authentihash df6130d790ee0e54e35e1f050804ce31bb10b0767e62a1f7ba551686421db572
imphash 2ec68c558a5f724af82fd6229781023b
File size 20.4 MB ( 21360600 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (42.7%)
OS/2 Executable (generic) (19.2%)
Generic Win/DOS Executable (18.9%)
DOS Executable Generic (18.9%)
Tags
peexe signed overlay

VirusTotal metadata
First submission 2018-08-14 05:20:36 UTC ( 7 months, 2 weeks ago )
Last submission 2018-09-08 04:01:57 UTC ( 6 months, 2 weeks ago )
File names 61B52D9A-55FB-4D7A-A653-89CF9C58A0B9
flash-player-1405-jetelecharge.exe
8A072B8E-D963-4022-9F7F-ACC052E3DF3B
EA54DB0E-1502-4FD5-9E68-FB254044FCFD
69911E16-0B8E-4AF5-A00F-9409B7BA987D
Uninstaller 30.0
D1FB6E6C-A7E3-42C6-8A8C-23F272781257
279DFFEA-AA30-44A7-8897-639D3C795FE4
FlashUtil.exe
9357F9CD-6A66-4D07-A241-1F10CB7FE67C
install_flash_player(2).exe
install_flash_player.exe
install_flash_player.exe
70AE4E91-DAC0-4CC6-8029-3DA2CFADBA00
flashplayer30_0r0_154_win.exe
install_flash_player 30.0.0.154.exe
target.exe
install_flash_player.exe