home

patchplugins.exe

Akross systems

This is a setup and installation application. The file has been seen being downloaded from s4.sendfile.su.
Publisher:
Akross systems

Description:
Patch for Pinnacle Studio 14 U.C.P. 1.1 Installation

Version:
1.1

MD5:
e4e75b92721208152de08e19f31d8603

SHA-1:
6a2f71fe9f70f70108941c59e0eab47edc4ca48a

SHA-256:
9c238853eb3d49c1564eb4c7a12047ce2f0d67e3131b4bf02d3b353d0641235b

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
1/13/2025 5:31:22 PM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
HEUR/QVM05.1.Malware.Gen
1.0.0.1120

Rising Antivirus
Malware.Undefined!8.C-Z0BqituBeHJ (Cloud)
23.00.65.16615

File size:
469.7 KB (480,978 bytes)

Copyright:
Akross systems

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\patchplugins.exe

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
6144:+KrxiyLvmWVXGl41fDVzJNHn3SGXXindGi+QCCBiPJPeaOU:vtLXhTbCOigi+Q7qF/

Entry address:
0x19B64

Entry point:
55, 8B, EC, 83, C4, F0, B8, 9C, 9A, 41, 00, E8, B8, AB, FE, FF, B8, C4, 9B, 41, 00, E8, 5A, DC, FE, FF, 8B, 15, C8, A6, 41, 00, 89, 02, 8B, 15, C8, A6, 41, 00, 8B, 12, A1, CC, A6, 41, 00, E8, 48, D5, FF, FF, 8B, 15, C8, A6, 41, 00, 8B, 12, A1, 6C, A6, 41, 00, E8, 02, 71, FF, FF, A1, C8, A6, 41, 00, E8, 14, 18, FF, FF, E8, D7, 99, FE, FF, 00, 00, 00, FF, FF, FF, FF, 01, 00, 00, 00, 2A, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
99 KB (101,376 bytes)

The file patchplugins.exe has been seen being distributed by the following URL.

http://s4.sendfile.su/download/.../tSpLrwHLkI3ID3NqiV1KT8DYwZUJtRjlhPaEXqxd

Scan patchplugins.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.