Gridinsoft Logo
File Icon

0252a0532b877e6d06908d6dea31c3683d4c82cabad0ae9d2f9446297aa3267b.bin Hack Patcher Analysis

Updated 1 month ago
Checked by Malaware Check
0252a0532b877e6d06908d6dea31c3683d4c82cabad0ae9d2f9446297aa3267b.bin

Technical Analysis

File Name 0252a0532b877e6d06908d6dea31c3683d4c82cabad0ae9d2f9446297aa3267b.bin
File Type
PE32+ executable (GUI) x86-64, for MS Windows
Scanner Version 1.0.215.174
Database Version 2025-04-29 11:00:27 UTC

Hack.Win64.Patcher.cl

Malware family: Patcher

Patcher software modifies existing programs to bypass licensing restrictions or enable unauthorized use. These tools are associated with software piracy and may introduce security vulnerabilities or additional malware to systems.
N/A
Detection Rate
6,957,520
File Size (bytes)
2025-04-29
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
fb919774e31f4a14e76f84e73f4994cc
SHA1
20e46633422b7f1877b667a91c545f7937953f3d
SHA256
0252a0532b877e6d06908d6dea31c3683d4c82cabad0ae9d2f9446297aa3267b
SHA512
17ea0f41387c7e910674036fff8ca47188262f0848c613f7d748f1f45e600ce3a5d3e02d0d662a3e53b057be1ef1c4205c9b784630a2f75f25a9baadf4c0e2ab
ImpHash
84149ee299f7de87625baf2d86b7199c

PE Analysis

Basic Information

Icon
Hash: 51a6edb4a63a1b408b85c093c4bcc75e
Fuzzy: 73c7a1254d535734994db0e97b076f7d
dHash: 9672cccccccc7032
Image Base 0x140000000
Entry Point 0x1403b5990
Compilation Time 2022-10-16 14:43:19
Checksum 0x006a7374 (Actual: 0x006a7374)
OS Version 6.0
PEiD Signatures PE32+ executable (GUI) x86-64, for MS Windows
PDB Path AcroTray.pdb
Digital Signature The expected hash does not match the digest in SpcInfo
Imports 23 libraries
Exports 0 functions
Resources 24 Resources
Sections 7 Sections

Version Information

Comments
CompanyName Adobe Systems Inc.
FileDescription AcroTray
FileVersion 22.3.20263.0
InternalName AcroTray
LegalCopyright Copyright © Adobe Systems Inc. 1992-2022
LegalTrademarks
OriginalFilename AcroTray.exe
PrivateBuild
ProductName AcroTray - Adobe Acrobat Distiller helper application.
ProductVersion 22.3.20263.0
SpecialBuild
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 4,598,236 bytes 4,598,272 bytes 6.31 (Normal) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 5FBAF9778D68711C06B8C637E2BC5901
.rdata 0x00464000 1,976,152 bytes 1,976,320 bytes 5.69 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 9492EA5E511567C84D73624BCA8A160A
.data 0x00647000 158,356 bytes 114,176 bytes 3.11 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE E2B92CCD84E82788CF948C4B8322B326
.pdata 0x0066e000 177,540 bytes 177,664 bytes 6.28 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 412C485C80A215E61A676CF8B79B1951
_RDATA 0x0069a000 252 bytes 512 bytes 2.46 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 92EBECD47F344B144454B51EDD266F3D
.rsrc 0x0069b000 9,760 bytes 10,240 bytes 3.36 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ B21F775DB1B83A1B1EE4CD355A8A9ACA
.reloc 0x0069e000 68,584 bytes 68,608 bytes 5.46 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ E1A8B834B7EC59B2BB2AEA340452775F

Resource Analysis

Total Resources: 24 (8,358 bytes)
Resource Type Count Total Size Percentage
RT_ICON 8 4,616 bytes
55.2%
RT_MENU 1 236 bytes
2.8%
RT_DIALOG 1 726 bytes
8.7%
RT_STRING 6 882 bytes
10.6%
RT_GROUP_ICON 6 148 bytes
1.8%
RT_VERSION 1 988 bytes
11.8%
RT_MANIFEST 1 762 bytes
9.1%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

The expected hash does not match the digest in SpcInfo

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Hack.Win64.Patcher.cl Removal

Gridinsoft has the capability to identify and eliminate Hack.Win64.Patcher.cl without requiring further user intervention.

Download Anti-Malware

Removal Instructions

Follow these steps to completely remove the threat from your system

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.
Important: Before You Start
Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware