SHA256: f741b76210ae8491b8dae8caa6177b7a249468d99c24b577643cc3bb50d7ced3
File name: Multi-Patch 1.1.exe
Detection ratio: 2 / 61
Analysis date: 2017-03-27 02:01:55 UTC (11 months ago)
Antivirus Result Update
Endgame malicious (moderate confidence) 20170317
Ikarus Trojan-Downloader.Win32.Small 20170326
Ad-Aware 20170326
AegisLab 20170327
AhnLab-V3 20170326
Alibaba 20170325
ALYac 20170327
Antiy-AVL 20170326
Arcabit 20170326
Avast 20170326
AVG 20170327
Avira (no cloud) 20170326
AVware 20170327
Baidu 20170323
BitDefender 20170327
Bkav 20170326
CAT-QuickHeal 20170325
ClamAV 20170327
CMC 20170326
Comodo 20170325
CrowdStrike Falcon (ML) 20170130
Cyren 20170327
DrWeb 20170327
Emsisoft 20170327
ESET-NOD32 20170326
F-Prot 20170327
F-Secure 20170326
Fortinet 20170327
GData 20170327
Sophos ML 20170203
Jiangmin 20170326
K7AntiVirus 20170326
K7GW 20170327
Kaspersky 20170327
Kingsoft 20170327
Malwarebytes 20170326
McAfee 20170327
McAfee-GW-Edition 20170327
Microsoft 20170327
eScan 20170326
NANO-Antivirus 20170327
nProtect 20170327
Palo Alto Networks (Known Signatures) 20170327
Panda 20170326
Qihoo-360 20170327
Rising 20170327
SentinelOne (Static ML) 20170315
Sophos AV 20170327
SUPERAntiSpyware 20170326
Symantec 20170326
Symantec Mobile Insight 20170326
Tencent 20170327
TheHacker 20170321
TrendMicro 20170326
TrendMicro-HouseCall 20170326
Trustlook 20170327
VBA32 20170324
VIPRE 20170327
ViRobot 20170326
Webroot 20170327
WhiteArmor 20170315
Yandex 20170323
Zillya 20170323
ZoneAlarm by Check Point 20170326
Zoner 20170327
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © 2017, RadiXX11
Product 4VS/AS/AMP4/Tipard Multi-Patch
Original name Patch.exe
Internal name Patch.exe
File version 1.1.0.0
Description Patch for 4VS/AS/AMP4/Tipard products
Packers identified
F-PROT UPX_LZMA
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-03-01 11:07:55
Entry Point 0x001E1CF0
Number of sections 3
PE sections
PE imports
MapAndLoad
VirtualProtect
LoadLibraryA
ExitProcess
GetProcAddress
ImageList_Add
GetSaveFileNameA
SaveDC
GdipFree
CoInitialize
VariantCopy
SHGetMalloc
VerQueryValueA
OpenPrinterA
Number of PE resources by type
RT_BITMAP 29
RT_STRING 26
RT_RCDATA 22
RT_GROUP_CURSOR 8
RT_ICON 8
RT_CURSOR 8
RT_DIALOG 1
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 70
ENGLISH US 15
SPANISH ARGENTINA 10
ENGLISH NEUTRAL 7
RUSSIAN 3
PE resources
ExifTool file metadata
SubsystemVersion 4.0
LinkerVersion 2.25
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.1.0.0
UninitializedDataSize 1249280
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Windows, Latin1
InitializedDataSize 57344
EntryPoint 0x1e1cf0
OriginalFileName Patch.exe
MIMEType application/octet-stream
LegalCopyright 2017, RadiXX11
FileVersion 1.1.0.0
TimeStamp 2017:03:01 12:07:55+01:00
FileType Win32 EXE
PEType PE32
InternalName Patch.exe
ProductVersion 1.1.0.0
FileDescription Patch for 4VS/AS/AMP4/Tipard products
OSVersion 4.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName RadiXX11
CodeSize 724992
ProductName 4VS/AS/AMP4/Tipard Multi-Patch
ProductVersionNumber 1.1.0.0
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 8e848174a45162d3b5eb220fe107c08a
SHA1 f7c741347f4cd7f79395b266f2b1ffb4bd267f53
SHA256 f741b76210ae8491b8dae8caa6177b7a249468d99c24b577643cc3bb50d7ced3
ssdeep 12288:i98CcGzIl3U8BYZc0b49QhmrOHg5+FMdxdap1bGeghHhK5CypZtqig2btoSQw:88NGcl33BYZceSOHg5aOo1b1aoIypZtj
authentihash e113cb362d104deb3805cc0ff60ab99473d5dea6247bd9fa14b173becf3a7c81
imphash a094b17eabc1cce985619c372378108c
File size 761.0 KB ( 779264 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.3%)
Win32 Executable (generic) (26.2%)
Win16/32 Executable Delphi generic (12.0%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2017-03-01 14:25:58 UTC (11 months, 3 weeks ago)
Last submission 2018-02-08 10:24:02 UTC (1 week, 6 days ago)
File names Patch.exe
Multi-Patch 1.1.exe
Patch.exe
Patch.exe
4Videosoft-Aiseesoft-AnyMP4-Tipard--Universal 1.1.0.0.exe
Patch.exe
F741B76210AE8491B8DAE8CAA6177B7A249468D99C24B577643CC3BB50D7CED3
Patch.exe
Patch.exe
4Videosoft-Aiseesoft-AnyMP4-Tipard--Universal 1.1.0.0.exe
Patch.exe
2. Multi-Patch 1.1.exe
Patch.exe
Patch.exe
Patch.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Opened mutexes
Hooking activity
Runtime DLLs
Additional details
The file uses the IsDebuggerPresent Windows API function in order to see whether it is being debugged.
The file installs an application-defined hook procedure into a hook chain. You would install a hook procedure to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done making use of the SetWindowsHook Windows API function.