» 30FreePatience.exe
Overview
Analysis
File Details
Downloads (1)

30FreePatience.exe

The application 30FreePatience.exe has been detected as a potentially unwanted program by 27 anti-malware scanners. This is a setup program which is used to install the application. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from jeux.cartes.free.fr.

File name:

30FreePatience.exe

MD5:

283736b622bf8de32b6d461cbb54c301

SHA-1:

6e309d06f6460d69fc0729bef2b34cd921df1aca

SHA-256:

39f6408cd08c54190af3b3eccdf9b72864cb8ff9cb138b237308c44b97379984

Scanner detections:

27 / 68

Status:

Potentially unwanted

Analysis date:

4/24/2024 6:55:21 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.1471673

1150

AhnLab V3 Security

Adware/Win32.NavExcel

2013.12.28

Avira AntiVirus

DR/Drop.Small.SC.13

7.11.122.120

avast!

Win32:Trojan-gen

2014.9-130829

AVG

Downloader.Rameh.G

2014.0.3543

Bitdefender

Trojan.Generic.1471673

1.0.20.1205

Bkav FE

W32.Clod702.Trojan

1.3.0.4613

Comodo Security

UnclassifiedMalware

17511

Dr.Web

Trojan.Rameh

9.0.1.0241

Emsisoft Anti-Malware

Trojan.Generic.1471673

8.13.08.29.12

Fortinet FortiGate

W32/Small.SC!tr

8/29/2013

F-Prot

W32/Dropper.PKZ

v6.4.7.1.166

F-Secure

Trojan.Generic.1471673

11.2013-27-11_4

G Data

Trojan.Generic.1471673

13.8.22

IKARUS anti.virus

not-a-virus:AdWare.Win32.NavExcel

t3scan.2.2.29

K7 AntiVirus

Adware

13.174.10656

Kaspersky

Trojan-Dropper.Win32.Small

14.0.0.3808

McAfee

Artemis!283736B622BF

5600.7181

MicroWorld eScan

Trojan.Generic.1471673

14.0.0.723

NANO AntiVirus

Trojan.Win32.NavHelper.bqizui

0.28.0.57029

Norman

Suspicious_Gen2.AXPZT

11.20130829

Panda Antivirus

Trj/CI.A

13.08.29.12

Reason Heuristics

Unnamed.Threat.88

14.3.1.0

Rising Antivirus

PE:Trojan.Win32.Generic.1261B9C1!308394433

23.00.65.13827

Sophos

Generic PUA GO

4.96

Vba32 AntiVirus

AdWare.NavExcel

3.12.24.3

VIPRE Antivirus

Trojan.Win32.Generic

24832

File size:

6.1 MB (6,414,140 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\30freepatience.exe

File PE Metadata

Compilation timestamp:

10/6/1999 3:33:39 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

3.0

CTPH (ssdeep):

196608:miPNxjB/uOsNCuK/XzOVt7v5INXpqY+7iKY1NX:m6jsO4L8DOVtaNZb+7iKY1R

Entry address:

0x1020

Entry point:

55, 8B, EC, 81, EC, 14, 04, 00, 00, 53, 56, 57, 6A, 00, FF, 15, 08, 41, 40, 00, 68, 00, 50, 40, 00, FF, 15, 04, 41, 40, 00, 85, C0, 74, 29, 6A, 00, A1, 00, 20, 40, 00, 50, FF, 15, 20, 41, 40, 00, 8B, F0, 6A, 06, 56, FF, 15, 1C, 41, 40, 00, 6A, 03, 56, FF, 15, 1C, 41, 40, 00, 33, C0, E9, 0C, 03, 00, 00, 68, 02, 7F, 00, 00, 33, F6, 56, FF, 15, 14, 41, 40, 00, 50, FF, 15, 10, 41, 40, 00, 68, 00, 02, 00, 00, 8D, 85, EC, FD, FF, FF, 50, 56, FF, 15, 00, 41, 40, 00, 56, B8, 00, 00, 00, 80, 50, 8D, 8D, EC, FD, FF... 
[+]

Entropy:

7.9997

Developed / compiled with:

Microsoft Visual C++

Code size:

2.5 KB (2,560 bytes)

The file 30FreePatience.exe has been seen being distributed by the following URL.

http://jeux.cartes.free.fr/.../30FreePatience.exe

Remove 30FreePatience.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.