home

Patch-SetID-Cleaner.exe

Project1

This is a setup program which is used to install the application. The file has been seen being downloaded from kb.supportbd.com and multiple other hosts.
Product:
Project1

Version:
1.00

MD5:
ec16813b90967d2ac02146d325d0d52e

SHA-1:
9bc7c5280f9ea6792b7e6b110b6f4339f9d2ba6d

SHA-256:
c9b52522a2bcc96c82accfe47a08901e9f15ad152aa78b939641e7c1422d7842

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/23/2024 9:44:09 AM UTC  (today)

Scan engine
Detection
Engine version

Quick Heal
(Suspicious) - DNAScan
6.14.12.00

File size:
56 KB (57,344 bytes)

Product version:
1.00

Original file name:
Patch-SetID-Cleaner.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\patch-setid-cleaner.exe

File PE Metadata
Compilation timestamp:
8/8/2013 4:24:26 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:lZUqAw3EH7ecZ0VfiqXkjAPg1soNUecZFAw3EH:lXAwY7UfDojKoGfAwY

Entry address:
0x147C

Entry point:
68, A8, 5B, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 15, E5, B7, 7A, 26, A2, E6, 4B, A4, FF, B9, C6, 4F, 0E, C2, 38, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 08, 78, DA, A0, C5, 95, C8, 73, 49, 9E, 14, 03, 94, 0B, 9D, 2D, CF, 7E, 6A, 83, 37, E3, B1, 9F, 4C, BA, 1E, B2, 61, 16, 56, 61, 6B, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
36 KB (36,864 bytes)

The file Patch-SetID-Cleaner.exe has been seen being distributed by the following 2 URLs.

http://kb.supportbd.com/.../Patch-SetID-Cleaner.exe

http://safe.pre-cloud.com:8080/safed.php?q=http://kb.supportbd.com/.../Patch-SetID-Cleaner.exe

Scan Patch-SetID-Cleaner.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.