» synthesia.9.x-patch.exe
Overview
Analysis
File Details
Programs (1)
Downloads (11)

synthesia.9.x-patch.exe

The application synthesia.9.x-patch.exe has been detected as a potentially unwanted program by 25 anti-malware scanners. This is a setup program which is used to install the application. This file is typically installed with the program Synthesia by Synthesia LLC. The file has been seen being downloaded from mega.nz and multiple other hosts.

File name:

MD5:

1d29457a8333131b90bdb6294a54334f

SHA-1:

f8b189f59f30b3cc9e5a27b51c6c618ddc2d8522

SHA-256:

4e3ef1a24692863fe53daa1ae020757ab1ccded83f9c957e96053c5586fc6d03

Scanner detections:

25 / 68

Status:

Potentially unwanted

Analysis date:

11/5/2024 1:56:40 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Dropped:Application.Patch.FM

973

Agnitum Outpost

Riskware.HackTool

7.1.1

AhnLab V3 Security

Packed/Win32.Morphine

2014.06.03

avast!

Win32:Patcher-AK [PUP]

2014.9-140607

AVG

Crack

2015.0.3451

Bitdefender

Dropped:Application.Patch.FM

1.0.20.790

Bkav FE

W32.Clodd0f.Trojan

1.3.0.4959

Comodo Security

TrojWare.Win32.Agent.WFN

18409

ESET NOD32

Win32/HackTool.Patcher.AD (variant)

8.9882

Fortinet FortiGate

Riskware/GamePatcher

6/7/2014

F-Prot

W32/Agent.KFY

v6.4.7.1.166

G Data

Dropped:Application.Patch.FM

14.6.24

IKARUS anti.virus

Application.Patch

t3scan.1.6.1.0

K7 AntiVirus

Trojan

13.178.12278

Malwarebytes

PUP.Riskware.Patcher

v2014.06.07.05

McAfee

Artemis!1D29457A8333

5600.7107

MicroWorld eScan

Dropped:Application.Patch.FM

15.0.0.474

Norman

Suspicious_Gen.WV

11.20140607

Qihoo 360 Security

Win32/Application.bbe

1.0.0.1015

Reason Heuristics

Threat.Win.Reputation.IMP

14.6.7.5

Sophos

Troj/Agent-WFN

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Patcher

10559

Trend Micro House Call

TROJ_GEN.R08OC0EL913

7.2.158

Trend Micro

TROJ_GEN.R08OC0EL913

10.465.07

VIPRE Antivirus

Trojan.Win32.Agent.wfn

29870

File size:

332.5 KB (340,480 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\synthesia-9.0\synthesia.9.x-patch.exe

File PE Metadata

Compilation timestamp:

12/21/2012 9:59:46 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

6144:iizA2BNWNtmPw3EQspXOZldahs4rZVTDne0UDtCJotu:it2iNwS7speZvX4tZenJa2

Entry address:

0x102B

Entry point:

E8, 07, 00, 00, 00, 6A, 00, E8, 05, 01, 00, 00, 55, 8B, EC, 81, C4, F4, FB, FF, FF, 56, 57, 53, 6A, 00, E8, 04, 01, 00, 00, A3, 30, 30, 40, 00, C7, 45, F8, 00, 00, 00, 00, 6A, 0A, 68, 00, 30, 40, 00, 6A, 00, E8, DE, 00, 00, 00, 0B, C0, 74, 21, 89, 45, FC, FF, 75, FC, 6A, 00, E8, FD, 00, 00, 00, 89, 45, F4, FF, 75, FC, 6A, 00, E8, E4, 00, 00, 00, 0B, C0, 74, 03, 89, 45, F8, 83, 7D, F8, 00, 74, 32, 6A, 04, 68, 00, 10, 00, 00, FF, 75, F4, 6A, 00, E8, D8, 00, 00, 00, 8B, F8, FF, 75, F4, FF, 75, F8, 57, E8, BE... 
[+]

Code size:

512 Bytes (512 bytes)

The file synthesia.9.x-patch.exe has been discovered within the following programs.

Synthesia by Synthesia LLC

Publisher's description - “Synthesis bring SyncML compatibility to widespread mobile OS platforms like Android, PalmOS and Windows Mobile. This allows mobile over-the-air (OTA) synchronisation with any compliant SyncML server (such as Memotoo, GooSync.”

www.synthesiagame.com

About 6% of users remove it

The file synthesia.9.x-patch.exe has been seen being distributed by the following 11 URLs.

https://mega.nz/temporary/.../WR41GBSa

https://mega.nz/persistent/.../LtJkVbLS

chrome-extension://bigefpfhnfcobdlfbedofhhaibnlghod/persistent/.../LtJkVbLS

https://mega.nz/temporary/.../WIZHjZAR

https://mega.nz/persistent/.../WIZHjZAR

https://mega.nz/temporary/.../LtJkVbLS

http://dc430.4shared.com/download/.../synthesia9x-patch.exe

https://mega.nz/persistent/.../WR41GBSa

https://mega.nz/persistent/.../yFsxxKRQ

https://mega.nz/temporary/.../yFsxxKRQ

http://download1288.mediafire.com/ba39n8ozt95g/.../Synthesia 9.x-patch.exe

Remove synthesia.9.x-patch.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.