SonyVegasPro Patch.exe

The application SonyVegasPro Patch.exe has been detected as a potentially unwanted program by 23 anti-malware scanners. The file has been seen being downloaded from docviewer.yandex.com and multiple other hosts.
MD5:
fc9fc6fe89061acc405df329c2192895

SHA-1:
19b50cc85df3a5a938ce08b9fe0d1f8ce06444b2

SHA-256:
ddd1035a2b3a3be0fe0b6b97b99a0ce2e33733ec031fcfded81b10ef88564fe3

Scanner detections:
23 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 5:44:25 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | Trojan.Agent | 7.1.1 |
| AhnLab V3 Security | ASD.Prevention | 2013.12.28 |
| Avira AntiVirus | SPR/Tool.Keygen.365 | 7.11.122.108 |
| AVG | Generic25 | 2014.0.3543 |
| Bkav FE | W32.Clodb20.Trojan | 1.3.0.4613 |
| Fortinet FortiGate | W32/Malware_fam.NB | 8/29/2013 |
| F-Prot | W32/Keygen | 4.6.5.141 |
| IKARUS anti.virus | not-a-virus:Keygen.SuspectCRC | t3scan.2.2.29 |
| K7 AntiVirus | Riskware | 13.170.9407 |
| Malwarebytes | RiskWare.Tool.HCK | v2013.08.29.12 |
| McAfee | Generic.bfr!bz | 5600.7181 |
| Microsoft Security Essentials | | 1.165.247.01 |
| MicroWorld eScan | GRAY_Gen.8Z1333 | 14.0.0.723 |
| NANO AntiVirus | Trojan.Win32.Qqpass.chwjuz | 0.28.0.57029 |
| Norman | Smalltroj.OIWL | 11.20130829 |
| Reason Heuristics | Unnamed.Threat.50 | 14.3.1.0 |
| Rising Antivirus | PE:Trojan.Win32.Generic.12A811BE!313004478 | 23.00.65.13827 |
| Sophos | Troj/Keygen-GX | 4.96 |
| Total Defense | Win32/keygen.V | 37.0.10498 |
| Trend Micro House Call | CRCK_KEYGEN | 7.2.241 |
| Trend Micro | CRCK_KEYGEN | 10.465.29 |
| Vba32 AntiVirus | TrojanPSW.QQpass | 3.12.24.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 24804 |

File size:
94 KB (96,256 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\sonyvegaspro patch.exe

File PE Metadata
Compilation timestamp:
10/11/2007 10:49:15 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
1536:5zBmhXOchWJ6fz+A95vaUy9OVRhUg8HP9jS8EUQpO61+5mvPxMDGKv6666666MS0:5zBTsm6fzD9VIOHEvVdXRmPxMVjjbD

Entry address:
0x464B0

Entry point:
60, BE, 00, 70, 43, 00, 8D, BE, 00, A0, FC, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75...

Entropy:
7.2890

Packer / compiler:
UPX 2.90 [LZMA]

Code size:
64 KB (65,536 bytes)

The file SonyVegasPro Patch.exe has been seen being distributed by the following 18 URLs.

