finereader 11 pro.exe

OOO Soft-Media

The application finereader 11 pro.exe by OOO Soft-Media has been detected as adware by 25 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from loading-files.ru.
Publisher:
OOO Soft-Media  (signed and verified)

MD5:
08dd5779dc794b6e010d5215207df2d1

SHA-1:
e320a77253ed4f90adf3551235c71868815ecb00

SHA-256:
45e12f39f528ee6f56347eb2f5121a1cb9ee50cf07c1f879699212211e246edc

Scanner detections:
25 / 68

Status:
Adware

Analysis date:
4/25/2024 11:30:40 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Generic.11064901 | 912 |
| Agnitum Outpost | PUA.Downloader | 7.1.1 |
| Avira AntiVirus | Adware/Webalta.ipq.1 | 7.11.165.192 |
| avast! | Win32:Webalta-M [PUP] | 140617-1 |
| AVG | Adware Generic5.AQQF | 2014.0.3986 |
| Bitdefender | Trojan.Generic.11064901 | 1.0.20.1095 |
| Comodo Security | Application.Win32.Agent.WEBT | 19110 |
| Dr.Web | Adware.Downware.2268 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Trojan.Generic.11064901 | 8.14.08.07.07 |
| ESET NOD32 | Win32/AdWare.Toolbar.Webalta.ET application | 7.0.302.0 |
| F-Prot | W32/A-f327c0db | v6.4.7.1.166 |
| F-Secure | Trojan.Generic.11064901 | 11.2014-07-08_5 |
| G Data | Trojan.Generic.11064901 | 14.8.24 |
| IKARUS anti.virus | Trojan.SuspectCRC | t3scan.1.6.1.0 |
| K7 AntiVirus | Adware | 13.183.12981 |
| Kaspersky | not-a-virus:HEUR:Downloader.Win32.LMN | 15.0.0.494 |
| McAfee | PUP-FIS | 5600.7046 |
| MicroWorld eScan | Trojan.Generic.11064901 | 15.0.0.657 |
| NANO AntiVirus | Trojan.Win32.LMN.cvonzr | 0.28.2.61349 |
| nProtect | Trojan.Generic.11064901 | 14.08.07.01 |
| Panda Antivirus | Trj/Dtcontx.L | 14.08.07.07 |
| Reason Heuristics | PUP.OOOSoftMedia.R | 14.7.31.23 |
| Sophos | WebAlta Toolbar | 4.98 |
| Vba32 AntiVirus | Signed-Downware.InstallMonstr | 3.12.26.3 |
| VIPRE Antivirus | Threat.4150696 | 31208 |

File size:
2.2 MB (2,339,880 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\finereader 11 pro.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
10/16/2013 4:00:00 AM

Valid to:
10/17/2014 3:59:59 AM

Subject:
CN=OOO Soft-Media, O=OOO Soft-Media, STREET="Sovetskaya Ulitsa, 142", L=Irkutsk Gorod, S=Moscow, PostalCode=664009, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00EF2A3EF42C4224E0B9C35ACC1217B079

File PE Metadata
Compilation timestamp:
6/20/1992 2:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:5S/3nXkHx4uXC9fJm8xifgI0rKYGmlmkPsTOGt8GtmEaRE9dO:k/XM4P9Ro5DkPmOtR

Entry address:
0x6FF90

Entry point:
55, 8B, EC, 83, C4, F0, B8, A0, FD, 46, 00, E8, C4, 67, F9, FF, A1, 30, 28, 47, 00, 8B, 00, E8, 1C, 5A, FE, FF, 8B, 0D, 54, 26, 47, 00, A1, 30, 28, 47, 00, 8B, 00, 8B, 15, D8, AF, 46, 00, E8, 1C, 5A, FE, FF, 8B, 0D, 30, 26, 47, 00, A1, 30, 28, 47, 00, 8B, 00, 8B, 15, 28, AD, 46, 00, E8, 04, 5A, FE, FF, 8B, 0D, 98, 28, 47, 00, A1, 30, 28, 47, 00, 8B, 00, 8B, 15, A8, FB, 46, 00, E8, EC, 59, FE, FF, A1, 30, 28, 47, 00, 8B, 00, E8, 60, 5A, FE, FF, E8, 8B, 42, F9, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
444.5 KB (455,168 bytes)

The file finereader 11 pro.exe has been seen being distributed by the following URL.
