home

patcher_2.exe

Cong Ty Dau Tu Va Phat Trien Cong Nghe Thong Tin

Publisher:
Cong Ty Dau Tu Va Phat Trien Cong Nghe Thong Tin  (signed and verified)

MD5:
c1a2cbfb539f9219eca133b583ea3dda

SHA-1:
3a6a8b3daacf73a592faffc054f4791a76fe0a73

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 4:40:39 AM UTC  (today)

File size:
107.3 KB (109,856 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\patcher_2.exe

Digital Signature
Signed by:
Cong Ty Dau Tu Va Phat Trien Cong Nghe Thong Tin

Authority:
VeriSign, Inc.

Valid from:
7/25/2011 7:00:00 AM

Valid to:
7/26/2013 6:59:59 AM

Subject:
CN=Cong Ty Dau Tu Va Phat Trien Cong Nghe Thong Tin, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Cong Ty Dau Tu Va Phat Trien Cong Nghe Thong Tin, L=Hanoi, S=Hanoi, C=VN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1163AFD815645B4622FAC27B357AE85B

File PE Metadata
Compilation timestamp:
3/12/2012 6:58:13 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1536:kFQIG0uuu2mcUiwzyA7xsFuGHd6vpO0D0u4zWmjZWEqVPmCBpJuJG8iy0Z/g3Qx:kF3rnwtIuGK/YDtZWEixBpKG8qZow

Entry address:
0x1491D

Entry point:
B8, B8, C8, 43, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 8C, 30, 9B, E3, A4, 7D, D6, 08, 1D, 5B, F9, 70, B6, B1, 2A, 56, AC, 1D, D4, D3, 06, B3, CA, AA, 7B, 03, FD, B3, 7F, 94, 5D, 99, 20, 8D, 4B, CA, 30, 03, 29, CD, 7B, 65, 9D, 80, 4A, FC, 71, 0D, 7C, 2A, EF, AE, C6, A2, 17, 66, AD, 76, D0, BF, D0, 89, DA, 7F, B4, 00, C5, 1F, 0C, 7E, A8, 64, 7E, 7E, A5, 5F, 85, E8, F9, 46, F4, C7, 58, AA, 9C, 96, 8F, 4D, DC, E3, DC, 86, 5A...
 
[+]

Entropy:
7.8725

Packer / compiler:
PECompact v2

Code size:
148 KB (151,552 bytes)

Scan patcher_2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.