home

patcher.exe

Asiasoft Online Pte Ltd

The application patcher.exe by Asiasoft Online Pte has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Asiasoft Online Pte Ltd  (signed and verified)

MD5:
5bef9b52e3a9987b3f43f20ae7fabc09

SHA-1:
21cd44b7e2ff804c88e5e2406368b38d11d3c8af

SHA-256:
73855f637f00d0c5d89b9304ab6fb3372dcef96dcdfbc1d3c353e5b1d4c1145e

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
5/6/2024 10:42:58 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.AsiasoftOnlinePte (M)
16.1.15.17

File size:
1.2 MB (1,237,984 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\auditionsea\auditionsea\patcher.exe

Digital Signature
Signed by:
Asiasoft Online Pte Ltd

Authority:
GlobalSign nv-sa

Valid from:
11/6/2014 1:18:34 PM

Valid to:
11/7/2015 1:18:34 PM

Subject:
E=ensemble@asiasoft.net, CN=Asiasoft Online Pte Ltd, O=Asiasoft Online Pte Ltd, L=Singapore, S=Singapore, C=SG

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121316AC469EDBB903A2A501E45268109FD

File PE Metadata
Compilation timestamp:
2/24/2015 10:22:42 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:KuiZ2rPs5Nw1sPgu+p86O96nf0bZZR37plDkQQTTcVR5rifu:Kuy2EK1HJShbFQTWTl

Entry address:
0x73660

Entry point:
8B, FF, 55, 8B, EC, E8, 06, 60, 01, 00, E8, 11, 00, 00, 00, 5D, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 6A, FE, 68, 00, 9A, 4F, 00, 68, 40, 69, 47, 00, 64, A1, 00, 00, 00, 00, 50, 83, C4, 94, 53, 56, 57, A1, 68, FB, 4F, 00, 31, 45, F8, 33, C5, 50, 8D, 45, F0, 64, A3, 00, 00, 00, 00, 89, 65, E8, C7, 45, 90, 00, 00, 00, 00, C7, 45, FC, 00, 00, 00, 00, 8D, 45, A0, 50, FF, 15, B0, 71, 4C, 00, C7, 45, FC, FE, FF, FF, FF, EB, 26, B8, 01, 00, 00, 00, C3, 8B, 65, E8, C7...
 
[+]

Entropy:
6.6082

Code size:
791 KB (809,984 bytes)

Remove patcher.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.