mixcraft patch.exe

Activator

MPT34M

The application mixcraft patch.exe, “cr4cking th3 cod3 4 fun!” has been detected as a potentially unwanted program by 26 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dc641.4shared.com.
Publisher:
MPT34M

Product:
Activator

Description:
cr4cking th3 cod3 4 fun!

Version:
1.0

MD5:
8ceedcc2be55ae997b66f837487440e5

SHA-1:
b2671edc4936cf5f8364afa34e53a2e88c661c0a

SHA-256:
a687a0d6a4dc2debe270795755c5fd6c4b0709eeaaca23bbccf090bfaa8f61ab

Scanner detections:
26 / 68

Status:
Potentially unwanted

Analysis date:
12/27/2024 9:59:34 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.8545653
1102

Agnitum Outpost
Packed/PECompact
7.1.1

Avira AntiVirus
TR/Rogue.8545653
7.11.127.72

Baidu Antivirus
Trojan.Win32.Agent
4.0.3.14129

Bitdefender
Trojan.Generic.8545653
1.0.20.145

Bkav FE
W32.Clod139.Trojan
1.3.0.4923

Comodo Security
UnclassifiedMalware
17682

Dr.Web
Tool.Patcher.127
9.0.1.029

Emsisoft Anti-Malware
Trojan.Generic.8545653
8.14.01.29.02

ESET NOD32
Win32/HackTool.Patcher (variant)
8.9340

Fortinet FortiGate
Riskware/Kiser
1/29/2014

F-Secure
Trojan.Generic.8545653
11.2014-29-01_4

G Data
Trojan.Generic.8545653
14.1.24

IKARUS anti.virus
not-a-virus:Hacktool
t3scan.2.2.29

Malwarebytes
CrackTool.Agent
v2014.01.29.02

McAfee
Artemis!8CEEDCC2BE55
5600.7236

MicroWorld eScan
Trojan.Generic.8545653
15.0.0.87

NANO AntiVirus
Riskware.Win32.Patcher.bgnsfj
0.28.0.57380

nProtect
Trojan.Generic.8545653
14.01.26.01

Panda Antivirus
Trj/CI.A
14.01.29.02

Reason Heuristics
Unnamed.Threat.42
14.3.3.22

Sophos
Generic Patcher
4.97

SUPERAntiSpyware
Trojan.Agent/Gen-Faldesc
10817

Trend Micro House Call
TROJ_SPNR.08IA13
7.2.29

Trend Micro
TROJ_SPNR.08IA13
10.465.29

VIPRE Antivirus
Trojan.Win32.Generic.pak!cobra
25852

File size:
472.5 KB (483,840 bytes)

Product version:
1.0

Copyright:
© MPT

Original file name:
Activator

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\acoustica mixcraft 6\mixcraft patch.exe

File PE Metadata
Compilation timestamp:
3/12/2011 11:47:00 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
12288:W6LyJG3zYpHejhNQXxl20uO25fELThICiU:WxuYpJXxlE2

Entry address:
0x3D86

Entry point:
B8, 08, 00, 50, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 1E, 86, 17, 84, 62, 2C, 26, 5F, 59, 1E, D1, 32, AE, 09, 3E, 3C, AD, BB, 5C, 51, 01, 21, AC, EB, 3A, 11, B7, 50, B7, E9, BB, 26, 70, 7D, 69, 51, 5C, EF, DA, F7, E1, CB, D3, 82, A4, CB, 66, 47, F2, 6F, 11, AC, CE, 2F, 52, 40, 3A, 06, EB, A3, C4, AB, 43, 44, 1B, 3A, 01, A1, E7, 8B, 12, 7E, 85, 5F, 68, 7E, BA, 74, 54, 5C, D3, 65, 7D, 6C, CA, 64, 81, E3, 49, 36, C9, 86, 3B...
 
[+]

Entropy:
7.9608

Packer / compiler:
PECompact v2

Code size:
35 KB (35,840 bytes)

The file mixcraft patch.exe has been seen being distributed by the following URL.

Remove mixcraft patch.exe - Powered by Reason Core Security