» {341c889b-e80a-4815-87f9-10c309fd71ab}
Overview
Analysis
File Details

{341c889b-e80a-4815-87f9-10c309fd71ab}

Patch

The file {341c889b-e80a-4815-87f9-10c309fd71ab} has been detected as malware by 17 anti-virus scanners. This backdoor trojan may be used to conduct distributed denial of service attacks, or used to install additional trojans or other forms of malicious software as well as can steal your sensitive information.

File name:

Product:

Patch

Version:

1.0.0.0

MD5:

dc115e351c8263f64c60122064f628a8

SHA-1:

74ed86d55cddf491bac51407c74587ccad869ea7

SHA-256:

0ed86bc7bb43a6c241569dcd3cc73819b31663f495cf2816c6bc8355beb910f5

Scanner detections:

17 / 68

Status:

Malware

Analysis date:

4/16/2024 12:00:04 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Zusy.73830

856

Avira AntiVirus

TR/Dropper.MSIL.Gen

7.11.153.40

AVG

ILCrypt

2015.0.3334

Baidu Antivirus

Trojan.MSIL.Injector

4.0.3.14102

Bitdefender

Gen:Variant.Zusy.73830

1.0.20.1375

Dr.Web

Trojan.Starter.2890

9.0.1.0275

Emsisoft Anti-Malware

Gen:Variant.Zusy.73830

8.14.10.02.04

ESET NOD32

MSIL/Injector.DUM (variant)

8.9893

F-Secure

Gen:Variant.Zusy.73830

11.2014-02-10_5

G Data

Gen:Variant.Zusy.73830

14.10.24

IKARUS anti.virus

Backdoor.MSIL

t3scan.1.6.1.0

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.3164

Malwarebytes

Backdoor.Bot.MSIL

v2014.10.02.04

McAfee

Artemis!DC115E351C82

5600.6990

Microsoft Security Essentials

Backdoor:MSIL/Bladabindi.AL

1.10600

MicroWorld eScan

Gen:Variant.Zusy.73830

15.0.0.825

Sophos

Mal/Generic-S

4.98

File size:

194 KB (198,656 bytes)

Product version:

1.0.0.0

Original file name:

Patch.exe

File PE Metadata

Compilation timestamp:

6/4/2014 8:45:33 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

6144:r8p+w2QAKXj81YM7JJ09u+SKyep+lJ96V5wLLkqF7K:r8p+wLAKXj5M7JJ0k+SKFUl8wU67K

Entry address:

0x31C5E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

191.5 KB (196,096 bytes)

Remove {341c889b-e80a-4815-87f9-10c309fd71ab} - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.