home

sp ex 1.13.2 patch.exe

The application sp ex 1.13.2 patch.exe has been detected as a potentially unwanted program by 11 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dc427.4shared.com and multiple other hosts.
MD5:
ea96ec9011ab3165e10db18c0472b515

SHA-1:
479965d2fe9388310b6809135bb54da2d1f727d7

SHA-256:
dabaf455fe6d4f73a1e27c80abe210f0fc2ef6b3da1764d94251d0b145a713db

Scanner detections:
11 / 68

Status:
Potentially unwanted

Analysis date:
11/15/2024 7:27:23 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.HackTool
7.1.1

Avira AntiVirus
TR/Spy.1484002
7.11.198.100

Comodo Security
UnclassifiedMalware
20510

Fortinet FortiGate
Riskware/GamePatcher
7/31/2015

Malwarebytes
PUP.Riskware.Patcher
v2015.07.31.12

McAfee
Artemis!EA96EC9011AB
5600.6688

Panda Antivirus
Trj/CI.A
15.07.31.12

Qihoo 360 Security
Win32/Trojan.Spy.797
1.0.0.1015

Total Defense
Win32/Inject.C!generic
37.0.11354

VIPRE Antivirus
Trojan.Win32.Agent.wfn
36160

Zillya! Antivirus
Trojan.Llac.Win32.38648
2.0.0.2018

File size:
1.4 MB (1,484,002 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
2/24/2011 5:11:14 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:/bvlttzBwqWUX0c/W55GtQWBFAwHurdesD3JEvyMT4l9wWcBy1K5X6kwLea/c:jKSiMTAZS5Tv+aa/c

Entry address:
0x8489C

Entry point:
55, 8B, EC, 83, C4, F0, B8, 4C, 3A, 48, 00, E8, 74, 2C, F8, FF, A1, 00, 78, 48, 00, 8B, 00, E8, A8, 90, FE, FF, A1, 00, 78, 48, 00, 8B, 00, B2, 01, E8, 02, AC, FE, FF, A1, 00, 78, 48, 00, 8B, 00, 33, D2, E8, 34, 8B, FE, FF, 8B, 0D, 98, 77, 48, 00, A1, 00, 78, 48, 00, 8B, 00, 8B, 15, 18, 2C, 48, 00, E8, 8C, 90, FE, FF, A1, 00, 78, 48, 00, 8B, 00, E8, D0, 91, FE, FF, E8, 3B, 03, F8, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
526 KB (538,624 bytes)

The file sp ex 1.13.2 patch.exe has been seen being distributed by the following 2 URLs.

http://dc427.4shared.com/download/.../sp_ex_1132_patch.exe

https://mega.co.nz/temporary/.../HEgC3Bob

Remove sp ex 1.13.2 patch.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.