Gridinsoft Logo
File Icon

The adobe.snr.patch-painter.exe (Universal Adobe Patcher) File Analysis

Updated 9 months ago
Checked by Malaware Check
adobe.snr.patch-painter.exe

Technical Analysis

File Name adobe.snr.patch-painter.exe
File Type
Win32 EXE
Magic Bytes PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
SSDEEP Hash
12288:HGsYlWDQfy1F8jr51lc+0vhOCF1dflSc46V1tKOGmixosyuC+muDXfvIFutmOyT1:msYlWDo5c+6hVdfAcJVi6iwvIDXYhlIo
Scanner Version 1.0.187.174
Database Version 2024-09-10 12:00:30 UTC

Suspicious File Detected

Detected by 49 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.

Patcher software modifies existing programs to bypass licensing restrictions or enable unauthorized use. These tools are associated with software piracy and may introduce security vulnerabilities or additional malware to systems.
67%
Detection Rate
631,808
File Size (bytes)
49/73
Engines Detected
2024-09-10
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
0d9b7abe952d6c1dc24750bf47969132
SHA1
982b2cb5d46d8409bb5f0d96efd93e7a9f8b80da
SHA256
9ec96e0facf95d1a08d4761aff436dac8318abd008c7284a4a22347069e8284d
SHA512
8cec775209e542a6ca3305ef90203f44fcc6a87a04d071e9e0600f19447f3f834b7d2921e0a33cec3ddc0970444e528da368c98b5f59bac85cde5e72f5c4fcba
ImpHash
d8d1fc350fee72ebbd94ef4364dc5cf0

Security Engines with Detections (49 of 73)

Bkav
W32.AIDetectMalware Malicious
Lionic
Trojan.Win32.Patcher.4!c Malicious
Elastic
malicious (moderate confidence) Malicious
MicroWorld-eScan
Application.Agent.GWI Malicious
CAT-QuickHeal
Trojan.Agen Malicious
Skyhigh
PUP-XEQ-DC Malicious
ALYac
Application.Agent.GWI Malicious
Cylance
Unsafe Malicious
VIPRE
Application.Agent.GWI Malicious
Sangfor
Hacktool.Win32.Patch.uljrg Malicious
CrowdStrike
win/grayware_confidence_100% (W) Malicious
K7GW
Unwanted-Program ( 004d38111 ) Malicious
K7AntiVirus
Unwanted-Program ( 004d38111 ) Malicious
Arcabit
Application.Agent.GWI Malicious
VirIT
Trojan.Win32.KillProc.BZLB Malicious
Symantec
Trojan.Gen.2 Malicious
ESET-NOD32
a variant of Win32/HackTool.Patcher.CH potentially unsafe Malicious
APEX
Malicious Malicious
TrendMicro-HouseCall
HKTL_PATCHER Malicious
Paloalto
generic.ml Malicious
ClamAV
Win.Virus.Virut-6723776-0 Malicious
BitDefender
Application.Agent.GWI Malicious
NANO-Antivirus
Trojan.Win32.Patcher.kpqjlb Malicious
SUPERAntiSpyware
Hack.Tool/Gen-Crack Malicious
Avast
FileRepPup [PUP] Malicious
Emsisoft
Application.Keygen (A) Malicious
TrendMicro
HKTL_PATCHER Malicious
McAfeeD
ti!9EC96E0FACF9 Malicious
FireEye
Application.Agent.GWI Malicious
Sophos
Generic ML PUA (PUA) Malicious
MAX
malware (ai score=91) Malicious
Webroot
Pua.Hacktool.Patcher Malicious
Google
Detected Malicious
Varist
W32/ABRisk.FBFZ-2879 Malicious
Antiy-AVL
Trojan/Win32.TSGeneric Malicious
Xcitium
ApplicUnwnt@#1mc930v9lqf6y Malicious
Microsoft
HackTool:Win32/Patch Malicious
ViRobot
Spyware.Agent.631808 Malicious
GData
Application.Agent.GWI Malicious
AhnLab-V3
HackTool/Win32.Patcher.C2926504 Malicious
McAfee
GenericRXAA-AA!0D9B7ABE952D Malicious
VBA32
Trojan.Occamy Malicious
Malwarebytes
Generic.Malware.AI.DDS Malicious
Yandex
Trojan.KillProc!MA+7Jtfux1w Malicious
Ikarus
Trojan.Win32.LockScreen Malicious
Fortinet
Riskware/Patcher Malicious
AVG
FileRepPup [PUP] Malicious
Cybereason
malicious.e952d6 Malicious
DeepInstinct
MALICIOUS Malicious
24 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Icon
Hash: 0c49f6e9a1673e17eee39353f01dc2e5
Fuzzy: 576ecd2faf9f51f278b311a802e03d90
dHash: 86b2e8ccd4f4aa92
Image Base 0x00400000
Entry Point 0x00592e70
Compilation Time 1992-06-19 22:22:17
Checksum 0x00000000 (Actual: 0x000a4a9e)
OS Version 4.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
Digital Signature The PE file does not contain a certificate table.
Imports 11 libraries
Exports 0 functions
Resources 95 Resources
Sections 3 Sections

Version Information

CompanyName PainteR
FileDescription Universal Adobe Patcher
FileVersion 1.5.0.0
InternalName Universal Adobe Patcher
LegalCopyright PainteR
OriginalFilename adobesnr.exe
ProductName Universal Adobe Patcher
ProductVersion 1.5.0.0
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
UPX0 0x00001000 1,044,480 bytes 0 bytes 0.00 (Normal) IMAGE_SCN_CNT_UNINITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE D41D8CD98F00B204E9800998ECF8427E
UPX1 0x00100000 606,208 bytes 602,624 bytes 7.93 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 5D0380D22A91F2030B51B54E507FF79D
.rsrc 0x00194000 28,672 bytes 28,160 bytes 5.50 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 258FBE0F56A8A9C446B051A4C29AC137
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

Resource Analysis

Total Resources: 95 (200,266 bytes)
Resource Type Count Total Size Percentage
RT_CURSOR 8 2,464 bytes
1.2%
RT_BITMAP 29 15,556 bytes
7.8%
RT_ICON 4 19,636 bytes
9.8%
RT_DIALOG 1 82 bytes
0%
RT_STRING 25 12,576 bytes
6.3%
RT_RCDATA 17 147,698 bytes
73.8%
RT_GROUP_CURSOR 8 160 bytes
0.1%
RT_GROUP_ICON 1 62 bytes
0%
RT_VERSION 1 736 bytes
0.4%
RT_MANIFEST 1 1,296 bytes
0.6%

Certificate Chain Analysis

Certificate Information
Product Universal Adobe Patcher
Description Universal Adobe Patcher
File Version 1.5.0.0
Original Name adobesnr.exe
Internal Name Universal Adobe Patcher
Copyright PainteR

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

The PE file does not contain a certificate table.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
49 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware