» patch 6.xx.exe
Overview
Analysis
File Details

patch 6.xx.exe

The application patch 6.xx.exe has been detected as a potentially unwanted program by 30 anti-malware scanners.

File name:

patch 6.xx.exe

MD5:

f7c71ac3c1168c42d3f060da51fa63df

SHA-1:

ddfa4b065ff7064ad524b788916cfdefec42d822

SHA-256:

ed830dcebb1eae9be4f52164f18b5343d6849875fadc7dd3ca11e69df455a81c

Scanner detections:

30 / 68

Status:

Potentially unwanted

Analysis date:

5/7/2024 5:21:53 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Backdoor.Generic.638368

1022

Agnitum Outpost

HackTool.Patcher

7.1.1

Avira AntiVirus

BDS/Rogue.638368

7.11.135.168

AVG

Generic20

2015.0.3500

Baidu Antivirus

Trojan.Win32.Agent

4.0.3.14419

Bitdefender

Backdoor.Generic.638368

1.0.20.545

Bkav FE

HW32.CDB

1.3.0.4959

Dr.Web

Tool.Patcher.65

9.0.1.0109

Emsisoft Anti-Malware

Backdoor.Generic.638368

8.14.04.19.01

ESET NOD32

Win32/HackTool.Patcher (variant)

8.9517

Fortinet FortiGate

W32/Dx.YYU!tr

4/19/2014

F-Secure

Backdoor.Generic.638368

11.2014-19-04_7

G Data

Backdoor.Generic.638368

14.4.24

IKARUS anti.virus

not-a-virus:Hacktool

t3scan.2.2.29

Malwarebytes

PUP.Hacktool.Patcher

v2014.04.19.01

McAfee

Artemis!F7C71AC3C116

5600.7156

MicroWorld eScan

Backdoor.Generic.638368

15.0.0.327

Norman

keygen.X

11.20140419

nProtect

Backdoor.Generic.638368

14.03.07.02

Panda Antivirus

Trj/CI.A

14.04.19.01

Quick Heal

HackTool.Patcher.A

4.14.12.00

Rising Antivirus

PE:Trojan.Win32.Generic.127DDF4E!310239054

23.00.65.14417

Sophos

Troj/KeyGen-Gen

4.98

Trend Micro House Call

TROJ_SPNR.03LS11

7.2.109

Trend Micro

TROJ_SPNR.03LS11

10.465.19

VIPRE Antivirus

Trojan.Win32.Generic

27202

File size:

293.5 KB (300,544 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\internet download manager\patch 6.xx.exe

File PE Metadata

Compilation timestamp:

9/21/2010 11:20:11 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

5.12

CTPH (ssdeep):

6144:jlJwFFxNiB/7/xnDqE4ZWvAk5LFzY6+b/AZHGqCCXF+5J04:5JwRcN7hqEcW/5Zr+b2F+PZ

Entry address:

0x3B7F

Entry point:

B8, F0, 12, 4C, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 48, 46, BD, A3, F9, 01, C3, 10, A3, B7, 59, 9F, 74, 1B, AC, 73, 31, 17, 05, 4D, 87, E0, 30, D0, 38, AC, 55, 33, 4F, 3C, 82, 80, 8C, 66, 2C, FD, 37, FF, 2E, E9, DF, F1, E9, 10, 95, E4, C4, F8, 48, 17, 44, 38, 22, 11, DF, FB, 70, 59, 77, CE, CA, EE, CA, 0D, DA, 35, DB, A1, 05, 3A, D6, 86, 12, 04, 66, 0D, 1E, B7, 4D, C7, 3A, 4C, C7, 80, 6E, C9, 46, D9, 62, 86, A3, 7E, B9... 
[+]

Entropy:

7.9294

Packer / compiler:

PECompact v2

Code size:

33.5 KB (34,304 bytes)

Remove patch 6.xx.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.