New malware report: "Flash Player Updater"

Watch out for “Flash Player Updater.exe” – this is not Adobe Flash Player Updater. >:( It is a browser hijacker. Arrives as pop-up message stating that Flash Player is in need of updating, and then downloads as “Flash Player Updater.exe” . Once this file runs, it resets the home page of at least Chrome, Firefox, and IE to a “Yahoo Search provider” that looks like Yahoo search. It also sets this phony Yahoo search provider as the default search engine in all three browsers (and probably, I would guess, in any other well-known browser).

This is not new and we see it very frequently :wink:

In fact it is really old.
At least 5 years if I remember correctly.

Up-to-date Avast did not detect it today.

upload and test file here www.virustotal.com if tested before, click rescan for a fresh result
Post link to scan result here

also see this >> https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438

There are two files associated with this malware: an installer stub that is detected by about 5 anti-virus programs, and the main program that is detected by about 10 anti-virus programs. Avast does not at present detect either.

I have sent the executables to Avast for analysis.

There are two files associated with this malware: an installer stub that is detected by about 5 anti-virus programs, and the main program that is detected by about 10 anti-virus programs
May we see the scan link(s)

I’ve seen the real time scanner as well as the PUP detection picking it up.
It can be ofcourse there is a new variant for which detection need to be added.

The multi scanner tools on websites where they use avast (amongst others) only scan with the vps.
They do not check with the avast PUP detection.