synthesia.9.x-patch.exe

The application synthesia.9.x-patch.exe has been detected as a potentially unwanted program by 25 anti-malware scanners. This is a setup program which is used to install the application. This file is typically installed with the program Synthesia by Synthesia LLC. The file has been seen being downloaded from mega.nz and multiple other hosts.
MD5:
1d29457a8333131b90bdb6294a54334f

SHA-1:
f8b189f59f30b3cc9e5a27b51c6c618ddc2d8522

SHA-256:
4e3ef1a24692863fe53daa1ae020757ab1ccded83f9c957e96053c5586fc6d03

Scanner detections:
25 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 6:18:37 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Dropped:Application.Patch.FM
973

Agnitum Outpost
Riskware.HackTool
7.1.1

AhnLab V3 Security
Packed/Win32.Morphine
2014.06.03

avast!
Win32:Patcher-AK [PUP]
2014.9-140607

AVG
Crack
2015.0.3451

Bitdefender
Dropped:Application.Patch.FM
1.0.20.790

Bkav FE
W32.Clodd0f.Trojan
1.3.0.4959

Comodo Security
TrojWare.Win32.Agent.WFN
18409

ESET NOD32
Win32/HackTool.Patcher.AD (variant)
8.9882

Fortinet FortiGate
Riskware/GamePatcher
6/7/2014

F-Prot
W32/Agent.KFY
v6.4.7.1.166

G Data
Dropped:Application.Patch.FM
14.6.24

IKARUS anti.virus
Application.Patch
t3scan.1.6.1.0

K7 AntiVirus
Trojan
13.178.12278

Malwarebytes
PUP.Riskware.Patcher
v2014.06.07.05

McAfee
Artemis!1D29457A8333
5600.7107

MicroWorld eScan
Dropped:Application.Patch.FM
15.0.0.474

Norman
Suspicious_Gen.WV
11.20140607

Qihoo 360 Security
Win32/Application.bbe
1.0.0.1015

Reason Heuristics
Threat.Win.Reputation.IMP
14.6.7.5

Sophos
Troj/Agent-WFN
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-Patcher
10559

Trend Micro House Call
TROJ_GEN.R08OC0EL913
7.2.158

Trend Micro
TROJ_GEN.R08OC0EL913
10.465.07

VIPRE Antivirus
Trojan.Win32.Agent.wfn
29870

File size:
332.5 KB (340,480 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\synthesia-9.0\synthesia.9.x-patch.exe

File PE Metadata
Compilation timestamp:
12/21/2012 9:59:46 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:iizA2BNWNtmPw3EQspXOZldahs4rZVTDne0UDtCJotu:it2iNwS7speZvX4tZenJa2

Entry address:
0x102B

Entry point:
E8, 07, 00, 00, 00, 6A, 00, E8, 05, 01, 00, 00, 55, 8B, EC, 81, C4, F4, FB, FF, FF, 56, 57, 53, 6A, 00, E8, 04, 01, 00, 00, A3, 30, 30, 40, 00, C7, 45, F8, 00, 00, 00, 00, 6A, 0A, 68, 00, 30, 40, 00, 6A, 00, E8, DE, 00, 00, 00, 0B, C0, 74, 21, 89, 45, FC, FF, 75, FC, 6A, 00, E8, FD, 00, 00, 00, 89, 45, F4, FF, 75, FC, 6A, 00, E8, E4, 00, 00, 00, 0B, C0, 74, 03, 89, 45, F8, 83, 7D, F8, 00, 74, 32, 6A, 04, 68, 00, 10, 00, 00, FF, 75, F4, 6A, 00, E8, D8, 00, 00, 00, 8B, F8, FF, 75, F4, FF, 75, F8, 57, E8, BE...
 
[+]

Code size:
512 Bytes (512 bytes)

The file synthesia.9.x-patch.exe has been discovered within the following programs.

Synthesia  by Synthesia LLC
Publisher's description - “Synthesis bring SyncML compatibility to widespread mobile OS platforms like Android, PalmOS and Windows Mobile. This allows mobile over-the-air (OTA) synchronisation with any compliant SyncML server (such as Memotoo, GooSync.”
www.synthesiagame.com
About 6% of users remove it
 
Powered by Should I Remove It?

The file synthesia.9.x-patch.exe has been seen being distributed by the following 11 URLs.

https://mega.nz/temporary/.../WR41GBSa

https://mega.nz/persistent/.../LtJkVbLS

chrome-extension://bigefpfhnfcobdlfbedofhhaibnlghod/persistent/.../LtJkVbLS

Remove synthesia.9.x-patch.exe - Powered by Reason Core Security