» Patch-SetID-Cleaner.exe
Overview
Analysis
File Details
Downloads (1)

Patch-SetID-Cleaner.exe

Project1

This is a setup program which is used to install the application. The file has been seen being downloaded from kb.supportbd.com.

File name:

Product:

Project1

Version:

1.00

MD5:

0900d09488d7789fc2ad35278dcb781c

SHA-1:

1c3231a38d3d6bfd7d7ad9d98a55e57f1b7e8858

SHA-256:

e27224c41738091ba68178adb6d10bcac0b9784bc5b5fa9c7f8f51b239b6aeb5

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

11/24/2024 11:32:49 AM UTC (today)

Scan engine

Detection

Engine version

Qihoo 360 Security

Malware.QVM03.Gen

1.0.0.1015

Quick Heal

(Suspicious) - DNAScan

10.14.14.00

File size:

56 KB (57,344 bytes)

Product version:

1.00

Original file name:

Patch-SetID-Cleaner.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\patch-setid-cleaner.exe

File PE Metadata

Compilation timestamp:

8/7/2014 11:38:28 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

768:gZUqAw3EH7ecZ0VhX1DLJwsjIuE1sgNUecZFAw3EH:gXAwY7UhX/pDEKgGfAwY

Entry address:

0x147C

Entry point:

68, A0, 5B, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, E3, 8E, 79, CB, 5E, FD, B6, 4C, 97, B7, 61, 54, D6, 19, 7B, 93, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 08, D3, D1, 96, 86, 1E, 26, 04, 4A, AC, 87, 48, 17, 5E, 05, B9, 82, D0, 59, B4, D1, 81, F9, AE, 41, 85, B1, C3, 4A, A8, CE, B3, 4B, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00... 
[+]

Developed / compiled with:

Microsoft Visual Basic v5.0

Code size:

36 KB (36,864 bytes)

The file Patch-SetID-Cleaner.exe has been seen being distributed by the following URL.

http://kb.supportbd.com/.../Patch-SetID-Cleaner.exe

Scan Patch-SetID-Cleaner.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.