× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9c5e95abadef574234116f721240c8c771ca94a8cd82e76687c7d58d2dd7fbea
File name: Patcher.exe
Detection ratio: 34 / 61
Analysis date: 2017-06-21 03:20:40 UTC ( 3 months, 4 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Symmi.74165 20170621
AegisLab Troj.W32.Generic!c 20170621
ALYac Gen:Variant.Symmi.74165 20170621
Arcabit Trojan.Symmi.D121B5 20170621
Avast Win32:Trojan-gen 20170621
AVG Win32:Trojan-gen 20170621
Avira (no cloud) TR/Fuery.qdbjo 20170620
AVware Trojan.Win32.Generic!BT 20170621
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9899 20170620
BitDefender Gen:Variant.Symmi.74165 20170621
Bkav HW32.Packed.8742 20170620
Emsisoft Gen:Variant.Symmi.74165 (B) 20170621
Endgame malicious (moderate confidence) 20170615
ESET-NOD32 a variant of Win32/Packed.VMProtect.AH 20170620
F-Secure Gen:Variant.Symmi.74165 20170621
Fortinet W32/Generic!tr 20170621
GData Gen:Variant.Symmi.74165 20170621
Ikarus Trojan.SuspectCRC 20170620
Sophos ML heuristic 20170607
Kaspersky HEUR:Trojan.Win32.Generic 20170621
McAfee Artemis!BC26D1726AFC 20170621
McAfee-GW-Edition BehavesLike.Win32.Dropper.vc 20170621
eScan Gen:Variant.Symmi.74165 20170620
Panda Trj/CI.A 20170620
Rising Trojan.Generic!8.C3 (cloud:9RgAv3BixrJ) 20170621
SentinelOne (Static ML) static engine - malicious 20170516
Sophos AV Mal/Generic-S 20170621
Symantec Packed.Vmpbad!gen38 20170620
Tencent Win32.Trojan.Crypt.Pfsw 20170621
TrendMicro TROJ_GEN.R0F0C0OFG17 20170621
TrendMicro-HouseCall TROJ_GEN.R0F0C0OFG17 20170621
VIPRE Trojan.Win32.Generic!BT 20170621
Yandex Trojan.Agent!WLkRXpIeylY 20170620
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20170621
AhnLab-V3 20170620
Alibaba 20170621
Antiy-AVL 20170621
CAT-QuickHeal 20170620
ClamAV 20170620
CMC 20170619
Comodo 20170621
CrowdStrike Falcon (ML) 20170420
Cyren 20170620
DrWeb 20170621
F-Prot 20170621
Jiangmin 20170621
K7AntiVirus 20170620
K7GW 20170620
Kingsoft 20170621
Malwarebytes 20170621
Microsoft 20170621
NANO-Antivirus 20170620
nProtect 20170621
Palo Alto Networks (Known Signatures) 20170621
Qihoo-360 20170621
SUPERAntiSpyware 20170621
Symantec Mobile Insight 20170621
TheHacker 20170618
Trustlook 20170621
VBA32 20170620
ViRobot 20170620
Webroot 20170621
WhiteArmor 20170616
Zillya 20170619
Zoner 20170621
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
(c) Vindictus Games. All rights reserved.

Original name Patcher.exe
Internal name Patcher.exe
File version 1.1.1.1
Description Vindictus Patcher
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-06-11 18:50:49
Entry Point 0x003A54B9
Number of sections 9
PE sections
PE imports
CloseServiceHandle
EnumServicesStatusExW
RegQueryInfoKeyW
RegQueryValueExA
OpenSCManagerW
OpenServiceW
QueryServiceConfigW
GetDeviceCaps
LocalFree
GetCurrentProcess
GetProcessAffinityMask
LocalAlloc
GetModuleHandleA
GetModuleFileNameW
GetLastError
FreeLibrary
ExitProcess
Sleep
SetThreadAffinityMask
SetProcessAffinityMask
LoadLibraryA
GetProcAddress
GetCurrentThread
TransparentBlt
SysFreeString
ShellExecuteW
CharUpperBuffW
GetDC
InternetAttemptConnect
timeGetTime
WTSSendMessageW
OleLockRunning
Number of PE resources by type
RT_ICON 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
KOREAN 3
ENGLISH US 1
PE resources
ExifTool file metadata
SubsystemVersion
6.0

LinkerVersion
14.0

ImageVersion
0.0

FileVersionNumber
1.1.1.1

UninitializedDataSize
0

LanguageCode
Korean

FileFlagsMask
0x0017

CharacterSet
Unicode

InitializedDataSize
245248

EntryPoint
0x3a54b9

OriginalFileName
Patcher.exe

MIMEType
application/octet-stream

LegalCopyright
(c) Vindictus Games. All rights reserved.

FileVersion
1.1.1.1

TimeStamp
2017:06:11 19:50:49+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
Patcher.exe

ProductVersion
1.1.1.1

FileDescription
Vindictus Patcher

OSVersion
6.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Vindictus

CodeSize
613376

FileSubtype
0

ProductVersionNumber
1.1.1.1

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 bc26d1726afcda15e9325b14d0763688
SHA1 b8b8bb16d6521f8082761e06307805a6bc5d0f0c
SHA256 9c5e95abadef574234116f721240c8c771ca94a8cd82e76687c7d58d2dd7fbea
ssdeep
49152:twSV4HCyGh/ZDcWzbLT0tsSBYQ0q/yqtWSPjm7UhFNHVSjQJdywz5j6C1jJyOMFU:twSV4VGhFcWzbf0twneyqLS7GN1SjafW

authentihash df85ff6dfc9937b0508cce97757e6814d5bd0707cb1a72e387a4cabb80775efe
imphash f096c04045c63b60d076ae4f6460a7fd
File size 2.7 MB ( 2843648 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (76.4%)
Win32 Executable (generic) (12.4%)
Generic Win/DOS Executable (5.5%)
DOS Executable Generic (5.5%)
Tags
peexe

VirusTotal metadata
First submission 2017-06-12 21:39:37 UTC ( 4 months ago )
Last submission 2017-08-11 16:01:53 UTC ( 2 months ago )
File names Patcher.file
Patcher.exe
Advanced heuristic and reputation engines
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!