patch.6.x.exe

iOTA & addhaloka

Publisher:
iOTA & addhaloka

Description:
Bugs Remover :)

Version:
6.19.7.3

MD5:
dc0900a337ecb6585c084876cbb85b3b

SHA-1:
297670f9c9196ccd1dc18c96f739a2000bbac926

SHA-256:
808d1575c96e2bb6dd9375577a14e1fada8ef8e73d52605909ecdb80d4f42386

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
12/25/2024 8:18:59 AM UTC  (today)

Scan engine
Detection
Engine version

McAfee
Generic QHosts.a.gen
5600.7143

Trend Micro House Call
TROJ_GEN.R047H06DM14
7.2.122

File size:
17.5 KB (17,920 bytes)

Product version:
6.19.7.3

Copyright:
© 2014. No rights reserved.

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\internet download manager\patch.6.x.exe

File PE Metadata
Compilation timestamp:
4/21/2014 8:53:14 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.50

CTPH (ssdeep):
384:vvGShXDZuFq+xmEKN6XgwI/ZN9KQdssJd2:vZhcLKN6XgPKWxJs

Entry address:
0x13F6

Entry point:
6A, 00, E8, 8D, 15, 00, 00, A3, C8, 50, 40, 00, E8, 91, 0C, 00, 00, 6A, 00, E8, 7C, 15, 00, 00, E8, 73, 16, 00, 00, 6A, 00, 68, 9E, 14, 40, 00, 6A, 00, 6A, 01, 50, E8, A0, 14, 00, 00, FF, 35, 88, 55, 40, 00, E8, 09, 16, 00, 00, FF, 35, 80, 55, 40, 00, E8, FE, 15, 00, 00, FF, 35, 84, 55, 40, 00, E8, F3, 15, 00, 00, FF, 35, 7C, 55, 40, 00, E8, E8, 15, 00, 00, FF, 35, 78, 55, 40, 00, E8, DD, 15, 00, 00, 6A, 00, E8, 2E, 15, 00, 00, 55, 8B, EC, 83, 7D, 0C, 20, 75, 0D, FF, 35, C0, 50, 40, 00, E8, 54, 14, 00, 00...
 
[+]

Entropy:
5.2739

Packer / compiler:
TASM / MASM

Code size:
7 KB (7,168 bytes)

The file patch.6.x.exe has been discovered within the following program.

Internet Download Manager  by Tonec Inc.
Internet Download Manager (also called IDM) is a shareware download manager. It is only available for the Microsoft Windows operating system.
www.internetdownloadmanager.com
30% remove it
 
Powered by Should I Remove It?

The file patch.6.x.exe has been seen being distributed by the following URL.

Scan patch.6.x.exe - Powered by Reason Core Security