Windows 8 Patcher.exe

The executable Windows 8 Patcher.exe has been detected as malware by 19 anti-virus scanners. The file has been observed being downloaded from drive.google.com and multiple other hosts.
MD5:
ff3176091fc18112744d050e7a499325

SHA-1:
2ddeb18ca458c1d9e004bb1036134d62c941d371

SHA-256:
82998d2e8fcd915f73b5d50284f95f9134c5090231e41a2761e3abe32c5d5d3b

Scanner detections:
19 / 68

Status:
Malware

Analysis date:
4/26/2024 12:36:31 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Kazy.37732 | 1011 |
| avast! | Win32:Malware-gen | 2014.9-140430 |
| Bitdefender | Gen:Variant.Kazy.37732 | 1.0.20.600 |
| Bkav FE | W32.Clod1a0.Trojan | 1.3.0.4959 |
| Comodo Security | Application.RDPatch.a | 18160 |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.37732 | 8.14.04.30.03 |
| F-Secure | Gen:Variant.Kazy.37732 | 11.2014-30-04_4 |
| G Data | Gen:Variant.Kazy.37732 | 14.4.24 |
| IKARUS anti.virus | HackTool.Patch | t3scan.1.6.1.0 |
| K7 AntiVirus | Riskware | 13.176.11873 |
| McAfee | Artemis!FF3176091FC1 | 5600.7145 |
| MicroWorld eScan | Gen:Variant.Kazy.37732 | 15.0.0.360 |
| Norman | Troj_Generic.DWJUT | 11.20140430 |
| Panda Antivirus | Generic Trojan | 14.04.30.03 |
| Qihoo 360 Security | Win32/Trojan.cfe | 1.0.0.1015 |
| Rising Antivirus | PE:Trojan.Win32.Generic.134DAEA9!323858089 | 23.00.65.14428 |
| Trend Micro House Call | CRCK_PATCH | 7.2.120 |
| Trend Micro | CRCK_PATCH | 10.465.30 |
| VIPRE Antivirus | Trojan.Win32.Generic | 28574 |

File size:
13 KB (13,312 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\windows 8 patcher.exe

File PE Metadata
OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

CTPH (ssdeep):
96:ZFQC+7q0aVb9Vp3oKXeMohqFg73YpABv+SxUBszMTYQkZiZQeNonGL/88BDxlc8P:gRqbDeGkUiMTYCaVw3nPwEdGIa8Z4BO

Entry address:
0x1000

Entry point:
55, 8B, EC, 81, EC, FC, 09, 00, 00, 53, 8B, 1D, B8, 30, 40, 00, 57, 68, 10, 31, 40, 00, FF, D3, 83, C4, 04, 33, FF, 8D, 45, EC, 50, 57, 57, 57, 57, 57, 57, 68, 20, 02, 00, 00, 6A, 20, 6A, 02, 8D, 4D, F8, 51, C7, 45, F8, 00, 00, 00, 00, 66, C7, 45, FC, 00, 05, FF, 15, 14, 30, 40, 00, 85, C0, 74, 25, 8B, 45, EC, 8D, 55, F0, 52, 50, 57, FF, 15, 24, 30, 40, 00, 85, C0, 75, 03, 89, 7D, F0, 8B, 4D, EC, 51, FF, 15, 1C, 30, 40, 00, 39, 7D, F0, 75, 10, 68, 38, 31, 40, 00, FF, D3, 83, C4, 04, 5F, 5B, 8B, E5, 5D, C3...
Entropy:
5.4032

Developed / compiled with:
Microsoft Visual C++

Code size:
5 KB (5,120 bytes)

The file Windows 8 Patcher.exe has been seen being distributed by the following 2 URLs.