» patch_xilisoft-dvd-creator-7-1-3-20130109.exe
Overview
Analysis
File Details
Programs (5)
Downloads (1)

patch_xilisoft-dvd-creator-7-1-3-20130109.exe

The executable patch_xilisoft-dvd-creator-7-1-3-20130109.exe has been detected as malware by 16 anti-virus scanners. Additionally, the file is typically installed by a number of programs including 4Media Video Converter Ultimate by 4Media and ImTOO DVD Ripper Ultimate by ImTOO. The file has been seen being downloaded from download1062.mediafire.com.

File name:

MD5:

d40df971fe7fbe001f4a97a9b42fd58f

SHA-1:

2e5eecc31d188c09ecfe43f7f73fd3aa45f05019

SHA-256:

2214540dcfb421d15ad0b511c93cfc98a30551eeedf33c775a8e1366d20b6bd7

Scanner detections:

16 / 68

Status:

Malware

Analysis date:

11/5/2024 10:43:33 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

HackTool.Patcher

7.1.1

Avira AntiVirus

SPR/Patcher.D.105

7.11.123.138

Bkav FE

W32.Clod7c5.Trojan

1.3.0.4613

Comodo Security

UnclassifiedMalware

17554

ESET NOD32

Win32/HackTool.Patcher.AC potentially unsafe application

6.3.12010.0

Fortinet FortiGate

W32/SPNR.08LP11!tr

12/26/2013

IKARUS anti.virus

Win32.SuspectCrc

t3scan.2.2.29

McAfee

RDN/Generic PUP.z!dl

5600.7270

Microsoft Security Essentials

HackTool:Win32/Keygen

1.233.1921.0

Norman

Suspicious_Gen2.UHXCB

11.20131226

Quick Heal

HackTool.Keygen (Not a Virus)

12.13.12.00

Rising Antivirus

PE:Trojan.Win32.Generic.12AC25E4!313271780

23.00.65.131224

Sophos

Generic PUA CO

4.96

Total Defense

Win32/Refroso.IH

37.0.10498

VIPRE Antivirus

Trojan.Win32.Generic

25094

ViRobot

Trojan.Win32.A.Refroso.167424.A[UPX]

2011.4.7.4223

File size:

204.5 KB (209,408 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\xilisoft-dvd-creator-7-1-3-20130109\patch_xilisoft-dvd-creator-7-1-3-20130109.exe

File PE Metadata

Compilation timestamp:

3/8/2011 4:07:24 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

5.12

CTPH (ssdeep):

6144:IrgntbSBbn8ljJdkzapXiWsXEv0peIjDjSR/Y:xtLbk+hVGEv0peSmJY

Entry address:

0x50EC0

Entry point:

60, BE, 00, 50, 42, 00, 8D, BE, 00, C0, FD, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB... 
[+]

Entropy:

7.5691

Code size:

180 KB (184,320 bytes)

The file patch_xilisoft-dvd-creator-7-1-3-20130109.exe has been discovered within the following programs.

4Media Video Converter Ultimate by 4Media

Publisher's description - “Converting videos/audios from one format to another, 4Media Video Converter Ultimate can extract audio/picture from video and create video from picture, as well as add watermark, change artistic effects and adjusting subtitle.”

www.mp4converter.net

About 5% of users remove it

AVCWare Video Converter Ultimate by AVCWare

www.avcware.com

About 4% of users remove it

ImTOO DVD Ripper Ultimate by ImTOO

Publisher's description - “ImTOO DVD Ripper is a powerful DVD ripping software application to rip and convert DVD movies to almost all video and audio formats (rip DVD to AVI, DVD to MP4, DVD to MPEG, DVD to WMV, DVD to DivX; convert DVD to MP3, DVD to WMA) with high DVD ripping speed and exceptional quality.”

www.imtoo.com

About 2% of users remove it

ImTOO HD Video Converter by ImTOO

Publisher's description - “Ever wanted a quick and easy way to transfer your entire High or Standard-Definition (HD/SD) video collection to your favorite multimedia devices? ImTOO HD Video Converter can convert just about any video format for playback on devices such as the iPod, iPhone, Apple TV, PSP, PS3, Xbox and many others.”

www.imtoo.com/hd-video-converter.html

About 2% of users remove it

ImTOO Movie Maker 6 by ImTOO

Publisher's description - “As a professional movie making software, ImTOO Movie Maker helps you quickly create HD-quality and standard-definition movies from videos so you can share your masterpieces on popular devices like iPod, iPhone, Apple TV, PSP, PS3, PMP, Mobile phone, Xbox, Zune, Wii and DS.”

www.imtoo.com/movie-maker.html

About 1% of users remove it

The file patch_xilisoft-dvd-creator-7-1-3-20130109.exe has been seen being distributed by the following URL.

http://download1062.mediafire.com/c387ngzd0dug/.../Xilisoft Multipatch v0.3.exe

Remove patch_xilisoft-dvd-creator-7-1-3-20130109.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.