patch.b75c.exe

USENET

The application patch.b75c.exe by USENET has been detected as a potentially unwanted program by 15 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer.
Publisher:
USENET  (signed and verified)

MD5:
24454229e55002de565c3f49a70781d7

SHA-1:
7c21905f45eecb0c529680952849e13807a98f30

SHA-256:
4648d583e2bdf44f2b6ba5a1e31082161947ed931cb6a2ea60c4da661a2d0165

Scanner detections:
15 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 12:33:29 PM UTC  (today)

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| AegisLab AV Signature | AdWare.W32.WinAgir.lCY1 | 2.1.4+ |
| Avira AntiVirus | ADWARE/Kradda.alre | 8.3.3.4 |
| avast! | NSIS:Kraddare-B [PUP] | 2014.9-170314 |
| AVG | FakeCert | 2018.0.2439 |
| Baidu Antivirus | Win32.Trojan.WisdomEyes.16070401.9500 | 4.0.3.17314 |
| Bkav FE | W32.HfsAdware | 1.3.0.8455 |
| Comodo Security | TrojWare.Win32.Trojan.Agent.Gen | 26386 |
| Dr.Web | Trojan.Adkor.342 | 9.0.1.073 |
| McAfee | Artemis!24454229E550 | 5600.6095 |
| NANO AntiVirus | Trojan.Nsis.Adkor.eaeqpe | 1.0.70.14475 |
| Trend Micro House Call | ADW_KRADDARE | 7.2.73 |
| Trend Micro | ADW_KRADDARE | 10.465.14 |
| Vba32 AntiVirus | BScope.Trojan-Spy.Zbot | 3.12.26.4 |
| VIPRE Antivirus | Trojan.Win32.Generic | 54940 |
| Zillya! Antivirus | Adware.KraddareCRTD.Win32.2389 | 2.0.0.3168 |

File size:
994.4 KB (1,018,296 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\windows\temp\patch.b75c.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
4/1/2011 9:00:00 AM

Valid to:
4/1/2012 8:59:59 AM

Subject:
CN=USENET, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=USENET, L=Kumingan Barat No.8, S=Jakarta, C=ID

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
135E046F1C85E3B019A1844C115E3464

File PE Metadata
Compilation timestamp:
12/6/2009 7:50:52 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 

Entropy:
7.9856

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)
