patch-rept.exe

The application patch-rept.exe has been detected as a potentially unwanted program by 23 anti-malware scanners. This is a setup program which is used to install the application. Additionally, the file is typically installed by a number of programs including Foxit PhantomPDF Business by Foxit Corporation and Foxit PhantomPDF by Foxit Software Inc.. The file has been seen being downloaded from doc-00-0k-docs.googleusercontent.com.
MD5:
9fd19a0f8a79e9a2fdb5ac498d04f809

SHA-1:
d6881917b15ae9b7f0f5cffb8c8bdc28362477e1

SHA-256:
f555b31e48eaa8c9e51d9cbfc51ac52426edb291bde49a69eb51f0f0694002f0

Scanner detections:
23 / 68

Status:
Potentially unwanted

Analysis date:
11/9/2024 1:00:09 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Dropped:Application.Patch.FM
960

Agnitum Outpost
Riskware.HackTool
7.1.1

AhnLab V3 Security
Packed/Win32.Morphine
2014.06.18

avast!
Win32:Patcher-AK [PUP]
2014.9-140620

AVG
Crack
2015.0.3438

Bitdefender
Dropped:Application.Patch.FM
1.0.20.855

Comodo Security
TrojWare.Win32.Agent.WFN
18587

ESET NOD32
Win32/HackTool.Patcher.AD (variant)
8.9962

Fortinet FortiGate
Riskware/GamePatcher
6/20/2014

F-Prot
W32/Agent.KFY
v6.4.7.1.166

G Data
Dropped:Application.Patch.FM
14.6.24

IKARUS anti.virus
Dropper
t3scan.1.6.1.0

K7 AntiVirus
Trojan
13.1712436

Malwarebytes
PUP.Riskware.Patcher
v2014.06.20.04

McAfee
Artemis!9FD19A0F8A79
5600.7094

MicroWorld eScan
Dropped:Application.Patch.FM
15.0.0.513

Norman
Suspicious_Gen.WV
11.20140620

Qihoo 360 Security
Win32/Application.bbe
1.0.0.1015

Reason Heuristics
Threat.Win.Reputation.IMP
14.6.20.4

Sophos
Troj/Agent-WFN
4.98

Trend Micro House Call
TROJ_GEN.R03AC0REF14
7.2.171

Trend Micro
TROJ_GEN.R03AC0REF14
10.465.20

VIPRE Antivirus
Trojan.Win32.Agent.wfn
30414

File size:
1 MB (1,087,488 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\foxit software\foxit phantompdf\patch-rept.exe

File PE Metadata
Compilation timestamp:
12/22/2012 12:29:46 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:954QG0NiEsyOQgwy9K9psiNtxSnaYqCN:9vkyOscOC

Entry address:
0x102B

Entry point:
E8, 07, 00, 00, 00, 6A, 00, E8, 05, 01, 00, 00, 55, 8B, EC, 81, C4, F4, FB, FF, FF, 56, 57, 53, 6A, 00, E8, 04, 01, 00, 00, A3, 30, 30, 40, 00, C7, 45, F8, 00, 00, 00, 00, 6A, 0A, 68, 00, 30, 40, 00, 6A, 00, E8, DE, 00, 00, 00, 0B, C0, 74, 21, 89, 45, FC, FF, 75, FC, 6A, 00, E8, FD, 00, 00, 00, 89, 45, F4, FF, 75, FC, 6A, 00, E8, E4, 00, 00, 00, 0B, C0, 74, 03, 89, 45, F8, 83, 7D, F8, 00, 74, 32, 6A, 04, 68, 00, 10, 00, 00, FF, 75, F4, 6A, 00, E8, D8, 00, 00, 00, 8B, F8, FF, 75, F4, FF, 75, F8, 57, E8, BE...
 
[+]

Entropy:
7.8941  (probably packed)

Code size:
512 Bytes (512 bytes)

The file patch-rept.exe has been discovered within the following programs.

Foxit PhantomPDF  by Foxit Software Inc.
www.foxitsoftware.com
About 9% of users remove it
Foxit PhantomPDF Business  by Foxit Corporation
Publisher's description - “Robust for the needs of enterprises, Foxit PhantomPDF Business delivers a feature rich solution with the quality, security, deployability, and support essential for enterprise requirements.”
www.foxitsoftware.com/Secure_PDF_Security
About 3% of users remove it
 
Powered by Should I Remove It?

The file patch-rept.exe has been seen being distributed by the following URL.

Remove patch-rept.exe - Powered by Reason Core Security