× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a8dbefd5ebd8cedeb39f0af166f583c3e8649ec9d48f77aaee8825e7570f768c
File name: patch.exe
Detection ratio: 36 / 68
Analysis date: 2018-11-15 23:40:49 UTC ( 4 months, 1 week ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Razy.93746 20181116
AegisLab Trojan.Win32.Razy.4!c 20181115
ALYac Gen:Variant.Razy.93746 20181115
Antiy-AVL Trojan/Win32.AGeneric 20181115
Arcabit Trojan.Razy.D16E32 20181115
Avast FileRepMalware 20181116
AVG FileRepMalware 20181115
Avira (no cloud) TR/Downloader.ifbz 20181115
BitDefender Gen:Variant.Razy.93746 20181115
CrowdStrike Falcon (ML) malicious_confidence_100% (W) 20181022
Cybereason malicious.9fb7da 20180225
Cylance Unsafe 20181116
Cyren W32/Trojan.CLBX-8522 20181115
Emsisoft Gen:Variant.Razy.93746 (B) 20181115
F-Secure Gen:Variant.Razy.93746 20181115
Fortinet W32/MSIL.HYT!tr 20181115
GData Gen:Variant.Razy.93746 20181115
Ikarus Trojan-Downloader 20181115
K7AntiVirus Riskware ( 0040eff71 ) 20181113
K7GW Riskware ( 0040eff71 ) 20181115
MAX malware (ai score=100) 20181116
McAfee Artemis!35BE00A9FB7D 20181115
McAfee-GW-Edition Artemis!Trojan 20181115
Microsoft Trojan:Win32/Skeeyah.A!rfn 20181115
eScan Gen:Variant.Razy.93746 20181115
NANO-Antivirus Trojan.Win32.Dwn.ekxfdt 20181115
Palo Alto Networks (Known Signatures) generic.ml 20181116
Panda Trj/GdSda.A 20181115
Qihoo-360 Trojan.Generic 20181116
Rising Malware.Undefined!8.C (CLOUD) 20181115
Sophos AV Troj/MSIL-HYT 20181115
Symantec Downloader 20181115
TrendMicro TROJ_GEN.R002C0OER18 20181115
TrendMicro-HouseCall TROJ_GEN.R002C0OER18 20181115
VIPRE Trojan.Win32.Generic!BT 20181115
Yandex Trojan.DL.Agent!Txt/uk0mD1I 20181115
AhnLab-V3 20181115
Alibaba 20180921
Avast-Mobile 20181115
Babable 20180918
Baidu 20181115
Bkav 20181115
CAT-QuickHeal 20181115
ClamAV 20181116
CMC 20181115
DrWeb 20181115
eGambit 20181116
Endgame 20181108
ESET-NOD32 20181115
F-Prot 20181115
Sophos ML 20181108
Jiangmin 20181115
Kaspersky 20181115
Kingsoft 20181116
Malwarebytes 20181115
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181114
Symantec Mobile Insight 20181108
TACHYON 20181115
Tencent 20181116
TheHacker 20181113
TotalDefense 20181115
Trustlook 20181116
VBA32 20181115
ViRobot 20181115
Webroot 20181116
Zillya 20181115
ZoneAlarm by Check Point 20181116
Zoner 20181116
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © 2016

Product patch
Original name patch.exe
Internal name patch.exe
File version 1.0.0.0
Description patch for Cisco
Comments patch for Cisco
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-07-27 08:05:12
Entry Point 0x0001980E
Number of sections 3
.NET details
Module Version ID 4c9656bc-7354-4527-bd29-b26514f2ef0e
TypeLib ID 02fe7f38-7e3f-4fc5-9ab4-64a30666492a
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
NEUTRAL 4
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
patch for Cisco

LinkerVersion
8.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
Neutral

FileFlagsMask
0x003f

FileDescription
patch for Cisco

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
70144

EntryPoint
0x1980e

OriginalFileName
patch.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright 2016

FileVersion
1.0.0.0

TimeStamp
2016:07:27 09:05:12+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
patch.exe

ProductVersion
1.0.0.0

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Cisco Systems Inc

CodeSize
96768

ProductName
patch

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

Compressed bundles
File identification
MD5 35be00a9fb7da9881b46e21ceea09bef
SHA1 8e84a56d5e46c903ece7fbfacd4380fc30933309
SHA256 a8dbefd5ebd8cedeb39f0af166f583c3e8649ec9d48f77aaee8825e7570f768c
ssdeep
1536:sJ24kEUYxjFXmgP8/U/sbHPLP2wV5I6l/UxYxjFXmgP8/U/sbHPLP2w6:E24khr5IqUR8

authentihash bd2e7c924ea1d839dcef94a2e8eccda18111a7fd9405b410d7adacc4d8ea866e
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 163.5 KB ( 167424 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (62.0%)
Win64 Executable (generic) (23.4%)
Win32 Dynamic Link Library (generic) (5.5%)
Win32 Executable (generic) (3.8%)
OS/2 Executable (generic) (1.7%)
Tags
peexe assembly

VirusTotal metadata
First submission 2016-07-27 16:34:50 UTC ( 2 years, 7 months ago )
Last submission 2018-10-24 23:31:28 UTC ( 5 months ago )
File names 35be00a9fb7da9881b46e21ceea09bef.vir
PatchForCiscoVPNClient20160727.exe
35be00a9fb7da9881b46e21ceea09bef.vir
35be00a9fb7da9881b46e21ceea09bef.vir
patch.exe
RAINYDROP-a8dbefd5ebd8cedeb39f0af166f583c3e8649ec9d48f77aaee8825e7570f768c
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!