» universalmastercode.exe
Overview
Analysis
File Details
Downloads (1)

universalmastercode.exe

darmiles

The executable universalmastercode.exe, “universal calculator ” has been detected as malware by 7 anti-virus scanners. The file has been seen being downloaded from www.patchworkoftips.com.

File name:

Publisher:

darmiles

Description:

universal calculator

Version:

1.0.0.0

MD5:

46696d2f59f0e851fef1a9bd7112472d

SHA-1:

086581912c9eabfce52963169eb0ed1c27958a90

SHA-256:

26596742bad8d98b71cdf7a5156d62160ac831f1f60feed3972dd09fb68827ee

Scanner detections:

7 / 68

Status:

File is infected by a Virus

Explanation:

The file is infected by a polymorphic file infector virus.

Analysis date:

4/23/2025 10:25:04 PM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:Virtu-A

160216-3

Dr.Web

Win32.Virut.56

9.0.1.05190

ESET NOD32

Win32/Virut.NBP virus

8.0.319.0

Kaspersky

Virus.Win32.Virut

15.0.0.562

McAfee

Virus.W32/Virut.n.gen

18.0.204.0

Norman

Win32.Virtob.Gen.12

29.02.2016 03:11:57

Sophos

Virus 'W32/Scribble-B'

5.23

File size:

606.5 KB (621,056 bytes)

Product version:

4.0.0.0

darmiles soft

Trademarks:

darmiles soft

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\universalmastercode.exe

File PE Metadata

Compilation timestamp:

9/26/2008 10:14:06 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

6144:d7z+GzDFO0FbqlBXzr5awT2vBENqbjlkBpk8hux7A6g4/lo1XHDaFYYI9qOx:x+GzJOkbajrgw6ZIqbkpNhSu4NoFDa

Entry address:

0x9DA24

Entry point:

FC, 83, 3C, 24, FE, 77, FE, 8D, 64, 24, CC, 83, F4, 00, 60, F7, D3, 83, EC, DC, 8A, FA, E8, A4, 01, 00, 00, 4B, 66, 4B, 75, FC, 08, DE, B2, E2, FF, 73, 3C, 46, 59, 8D, 01, 8D, 46, C1, 81, E9, FD, FF, FF, 7F, 73, E5, B4, 31, 9F, FC, 81, D9, E6, 13, 00, 00, 71, D9, 30, DE, 4F, 46, FF, B4, 19, E4, 13, 00, 80, 83, C4, 04, 8A, C3, 66, 81, 44, 24, FC, B0, BA, 75, C0, 20, D2, FE, CC, 68, D8, 7E, BD, D8, 83, E9, 12, 80, F2, 38, E8, 5F, 00, 00, 00, 89, 74, 24, 44, E8, AB, 03, 00, 00, 86, CE, 89, 44, 24, 34, 83, E8... 
[+]

Entropy:

6.4266

Code size:

413 KB (422,912 bytes)

The file universalmastercode.exe has been seen being distributed by the following URL.

http://www.patchworkoftips.com/.../UniversalMasterCode.exe

Remove universalmastercode.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.