vegas pro 12 patch.exe

The application vegas pro 12 patch.exe has been detected as a potentially unwanted program by 25 anti-malware scanners. This is a setup program which is used to install the application. Accoriding to the detections, it is a variant of Zbot (Zeus), a trojan that attempts to steal confidential information (online credentials, and banking details) from a compromised computer and send it to online criminals via a command-and-control server. The file has been seen being downloaded from mega.nz and multiple other hosts.
MD5:
9ce24ef65f2af35e42079ea84b535097

SHA-1:
fb2b10c924e107597aabf49d5bb6c624ac10e3b4

SHA-256:
903bcf62888ce93b6b7e29a6c6243bf0f11931b5db02c703cd7ea857737c2358

Scanner detections:
25 / 68

Status:
Potentially unwanted

Analysis date:
11/6/2024 1:57:03 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Graftor.105398
1127

Agnitum Outpost
RiskTool.Patcher
7.1.1

avast!
Win32:Patcher-AK [PUP]
2014.9-140104

AVG
Generic32
2015.0.3605

Bitdefender
Gen:Variant.Graftor.105398
1.0.20.20

Bkav FE
W32.Clodaad.Trojan
1.3.0.4923

Comodo Security
Heur.Suspicious
17633

Emsisoft Anti-Malware
Gen:Variant.Graftor.105398
8.14.01.04.09

ESET NOD32
Win32/HackTool.Patcher.AD (variant)
8.9307

F-Secure
Gen:Variant.Graftor.105398
11.2014-04-01_7

G Data
Gen:Variant.Graftor.105398
14.1.24

IKARUS anti.virus
RiskTool.Patcher.VegasPro12
t3scan.2.2.29

Malwarebytes
PUP.RiskwareTool.CK
v2014.01.04.09

McAfee
RDN/Generic PUP.z!do
5600.7261

Microsoft Security Essentials
HackTool:Win32/Patcher
1.165.247.01

MicroWorld eScan
Gen:Variant.Graftor.105398
15.0.0.12

NANO AntiVirus
Trojan.Win32.RiskTool.yflmr
0.28.0.57029

Panda Antivirus
Trj/OCJ.A
14.01.04.09

Quick Heal
Trojan.Agent.ni
1.14.12.00

Rising Antivirus
PE:Trojan.Win32.Generic.13254D29!321211689
23.00.65.14102

Sophos
Troj/Agent-WFN
4.96

Trend Micro House Call
CRCK_PATCH
7.2.4

Trend Micro
CRCK_PATCH
10.465.04

VIPRE Antivirus
Trojan.Win32.Agent.wfn
25542

ViRobot
Trojan.Win32.A.Zbot.945664
2011.4.7.4223

File size:
923.5 KB (945,664 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
5/2/2012 7:50:41 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:GH8IaQCKJRb1diDo/FF7WrBbHWP/CTi92K:y8tQCkbG0dFirBqHCTi92K

Entry address:
0x102B

Entry point:
B8, 14, 52, 53, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 0C, 5A, 23, F6, 29, C3, 54, 94, 32, E7, 9A, A2, 31, 13, 7E, 40, E3, F1, 4D, 6A, 06, 58, BE, 40, F3, 4F, FC, 4B, 17, 25, 4B, F5, 04, 45, BD, 4E, 7E, 40, 1B, CD, DB, F6, 8B, 79, 59, 78, F4, B3, 82, D4, 2A, B1, 5F, C4, 15, 56, 74, 96, 07, 2D, 5C, 8C, 34, 51, 06, 21, B9, 54, 22, 4D, 17, 22, E2, DD, 93, D8, DE, 83, 12, 2A, 09, 72, 9B, 8A, 7C, D1, 16, 6F, 17, 01, 15, DA, FC...
 
[+]

Packer / compiler:
PECompact v2

Code size:
512 Bytes (512 bytes)

The file vegas pro 12 patch.exe has been seen being distributed by the following 31 URLs.

https://mega.nz/temporary/.../iFpQRSBK

https://mega.nz/persistent/.../hVFmFBrD

https://mega.nz/temporary/.../NNBXhAJZ

http://dc703.4shared.com/download/.../Crack_sony_vegas_pro_12.exe

http://www57.zippyshare.com/d/54755887/.../vegas.pro.12-patch.exe

https://download-4bqx0l5zip0phs79bevflhwjk.wetransfer.com/download/?unique=5ca8567b7c59ffb86417d6f2973ffbbc20150828162758&profile=wetransfer-eu1&filename=Vegas Pro 12 Patch (64-bit).exe&expiration=1440846662&escaped=false&signature=c866506358971c96bce4fcb4b596abc824df363467ac87e5175bd0a793ab8573&callback={"formdata":{"action":"https://www.wetransfer.com/api/v1/transfers/5ca8567b7c59ffb86417d6f2973ffbbc20150828162758/.../4587a1f25556ebacd21159af0aa46f1320150828162758"},"form":{"status":["param","status"],"download_id":"1012744333"}}

https://mega.nz/temporary/.../hVFmFBrD

about:internet

Latest 30 of 31 download URLs

Remove vegas pro 12 patch.exe - Powered by Reason Core Security