Win32/Patched.HN removal tips

Win32/Patched.HN is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Win32/Patched.HN virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Possible date expiration check, exits too soon after checking local time
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Win32/Patched.HN?


File Info:

name: F7FFB41363DFF77344E1.mlw
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2011-08-04 12:33:05

Version Info:

CompanyName: LogMeIn Inc.
FileDescription: Hamachi Client Tunneling Engine
FileVersion: 2, 1, 0, 122
InternalName: h2-engine
LegalCopyright: Copyright (C) LogMeIn Inc. 2004-2011
OriginalFilename: hamachi-2.exe
ProductName: Hamachi Client
ProductVersion: 2, 0, 0, 0
Translation: 0x0409 0x04b0

Win32/Patched.HN also known as:

Bkav: W32.PatchedZB.PE
DrWeb: Trojan.Starter.1695
MicroWorld-eScan: Trojan.Patched.HE
FireEye: Trojan.Patched.HE
CAT-QuickHeal: W32.Patchload.O
ALYac: Trojan.Patched.HE
Cylance: Unsafe
K7AntiVirus: Trojan ( 0026f5d91 )
K7GW: Trojan ( 0026f5d91 )
Cybereason: malicious.363dff
VirIT: Win32.Yoshi.E
Cyren: W32/Patched.G
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Patched.HN
TrendMicro-HouseCall: PTCH_KATUSHA.W
ClamAV: Win.Trojan.Patched-143
Kaspersky: Trojan.Win32.Patched.mf
BitDefender: Trojan.Patched.HE
NANO-Antivirus: Trojan.Win32.Patched.dwgwe
Avast: Win32:Patched-WQ [Trj]
Tencent: Virus.Win32.Patched.mf
Ad-Aware: Trojan.Patched.HE
TACHYON: Virus/W32.Patched.Gen
Emsisoft: Trojan.Patched.HE (B)
Comodo: TrojWare.Win32.Patched.HN@3bsert
Baidu: Win32.Virus.Loader.l
Zillya: Trojan.Patched.Win32.38141
TrendMicro: PTCH_KATUSHA.W
McAfee-GW-Edition: W32/Katusha
Sophos: W32/Patched-AL
Ikarus: Virus.Win32.Patchload
GData: Trojan.Patched.HE
Jiangmin: TrojanSpy.Zbot.adxr
Avira: W32/Patchload.A
Arcabit: Trojan.Patched.HE
ViRobot: Win32.Patched.BE
Microsoft: Virus:Win32/Patchload.O
Cynet: Malicious (score: 100)
AhnLab-V3: Win-Trojan/Patched.DD
McAfee: W32/Katusha
MAX: malware (ai score=81)
VBA32: Trojan-Spy.Zbot.gen
Malwarebytes: Malware.AI.471752596
Rising: Virus.Loader!1.9B09 (CLASSIC)
Yandex: Win32.Katusha.Gen
MaxSecure: Virus.W32.Patched.MF
Fortinet: W32/Patched.MF!tr
AVG: Win32:Patched-WQ [Trj]
Panda: W32/Katusha.BN
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Win32/Patched.HN?

Win32/Patched.HN removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
