» patch.exe
Overview
Analysis
File Details

patch.exe

The executable patch.exe has been detected as malware by 27 anti-virus scanners.

File name:

patch.exe

MD5:

c054c7764fcd7cad186651a90cfb0c59

SHA-1:

7f776cbcb81cf6b0441bea6a6826635515a399ac

SHA-256:

ee56a7951bd93fa71059173ef3da9cbb779cdebf55a13c8ad71955df67626703

Scanner detections:

27 / 68

Status:

Malware

Analysis date:

4/24/2024 1:25:45 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

HackTool.Patcher

7.1.1

AhnLab V3 Security

Malware/Win32.Suspicious

2013.05.18

Avira AntiVirus

TR/Gender.28672.4

7.11.79.56

Bitdefender

Gen:Trojan.Heur.FU.bqW@aKjUAgoi

1.0.20.1015

Comodo Security

UnclassifiedMalware

16276

Emsisoft Anti-Malware

Gen:Trojan.Heur.FU.bqW@aKjUAgoi

8.14.07.22.05

ESET NOD32

Win32/HackTool.Patcher (variant)

8.8346

Fortinet FortiGate

W32/QPatch.A!tr

7/22/2014

F-Prot

W32/Trojan2.NBAX

v6.4.7.1.166

F-Secure

Gen:Trojan.Heur.FU.bqW@aKjUAgoi

11.2014-22-07_3

G Data

Gen:Trojan.Heur.FU.bqW@aKjUAgoi

14.7.22

IKARUS anti.virus

Trojan.Win32.Spy

t3scan.2.0.0.0

K7 AntiVirus

Trojan

13.167.8711

Malwarebytes

PUP.Hacktool.Patcher

v2014.07.22.05

McAfee

Artemis!C054C7764FCD

5600.7061

MicroWorld eScan

Gen:Trojan.Heur.FU.bqW@aKjUAgoi

15.0.0.609

Norman

keygen.X

11.20140722

nProtect

Trojan/W32.Small.28672.FP

13.05.18.01

Panda Antivirus

Suspicious file

14.07.22.05

Quick Heal

HackTool.Patcher.A

7.14.12.00

Rising Antivirus

Trojan.Win32.Generic.1231FC10

23.00.65.14720

Sophos

Troj/QPatch-A

4.89

SUPERAntiSpyware

Trojan.Agent/Gen-HackPatch

10468

Total Defense

Win32/Fosniw.ZAAB

37.0.10426

Trend Micro House Call

TROJ_GEN.R47C4HE

7.2.203

Trend Micro

TROJ_GEN.R47C4HE

10.465.22

VIPRE Antivirus

Trojan.Win32.Generic.pak!cobra

17864

File size:

28 KB (28,672 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\aiseesoft studio\aiseesoft mkv converter\patch.exe

File PE Metadata

Compilation timestamp:

9/27/2008 6:06:18 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

5.12

CTPH (ssdeep):

384:hB6kKUi2MIcls4/HwQtVck8Iz/q9fuDf9ouS9m8KHyrFKKxj3AA6YForIGv+hm93:hB6kvw5lJzSRfB9m8YU7JI0GWh7Ts

Entry address:

0x311E

Entry point:

E8, 01, 16, 00, 00, E8, DC, 14, 00, 00, 8B, F0, 6A, 00, 68, 6B, 62, 40, 00, 56, E8, A9, 17, 00, 00, A2, EB, 6F, 40, 00, 6A, 00, 68, 72, 62, 40, 00, 56, E8, 97, 17, 00, 00, A2, EC, 6F, 40, 00, 6A, 00, 68, 79, 62, 40, 00, 56, E8, 85, 17, 00, 00, A2, ED, 6F, 40, 00, 68, AC, 63, 40, 00, 68, 83, 62, 40, 00, 56, E8, 70, 17, 00, 00, 3C, 01, 75, 19, BE, EE, 6F, 40, 00, 68, 00, 04, 00, 00, 56, 68, AC, 63, 40, 00, E8, 69, 14, 00, 00, 8B, C6, EB, 02, 33, C0, 50, E8, BB, 17, 00, 00, 6A, 00, E8, 80, 14, 00, 00, A3, 42... 
[+]

Entropy:

5.7383

Code size:

15.5 KB (15,872 bytes)

Remove patch.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.