» pdf995s_v10.1_setup.exe
Overview
Analysis
File Details
Downloads (36)

pdf995s_v10.1_setup.exe

Software995 Inc.

The application pdf995s_v10.1_setup.exe by Software995 has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

Publisher:

Software995 Inc. (signed and verified)

MD5:

6e8d31f93fed50ab8552f2c7d608e2f5

SHA-1:

1d851de05e09d6be03b8b2588a364f4d52d4fc89

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 6:11:56 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Installer.Software995.S

14.2.23.18

File size:

2.6 MB (2,685,840 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\pdf995\!setup\pdf995s_v10.1_setup.exe

Digital Signature

Signed by:

Software995 Inc.

Authority:

Thawte, Inc.

Valid from:

4/10/2011 7:00:00 PM

Valid to:

6/20/2013 6:59:59 PM

Subject:

CN=Software995 Inc., O=Software995 Inc., L=Palo Alto, S=California, C=US

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

6BB7063A11FD2AA49804173F6CB3AEC7

File PE Metadata

Compilation timestamp:

11/2/2009 2:24:15 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

49152:nbZVgArncq8PQ5/uPp2kFn5hMEyjN4USqKlrFNupGBwxochi22RiQ:nb3VrcLPQkwO5hME7YpGHXJ

Entry address:

0xAF1E

Entry point:

E8, 6E, 4A, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, D0, 4B, 42, 00, 89, 0D, CC, 4B, 42, 00, 89, 15, C8, 4B, 42, 00, 89, 1D, C4, 4B, 42, 00, 89, 35, C0, 4B, 42, 00, 89, 3D, BC, 4B, 42, 00, 66, 8C, 15, E8, 4B, 42, 00, 66, 8C, 0D, DC, 4B, 42, 00, 66, 8C, 1D, B8, 4B, 42, 00, 66, 8C, 05, B4, 4B, 42, 00, 66, 8C, 25, B0, 4B, 42, 00, 66, 8C, 2D, AC, 4B, 42, 00, 9C, 8F, 05, E0, 4B, 42, 00, 8B, 45, 00, A3, D4, 4B, 42, 00, 8B, 45, 04, A3, D8, 4B, 42, 00, 8D, 45, 08, A3, E4, 4B, 42, 00, 8B... 
[+]

Entropy:

7.9769 (probably packed)

Code size:

76 KB (77,824 bytes)

The file pdf995s_v10.1_setup.exe has been seen being distributed by the following 36 URLs.

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1476232051&Signature=Bl9Lm-q~lohX4Q4Rocw-mH97wz1rOqunElu16Zjif2qdunodOZdOwatWywtv4L6~PxjczBvNYTD51VT8MmbpvRTfG7drgM6odZctGzHns0LvLMATliWI8hs-qXEPt98BbczRRXwzME93VTfJM74hgu3QgUOhzcHhNgF3FYVIrMg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1487378405&Signature=ADFz4ryY3oo9P8pzsWaQH2pzPCVSEl0-SKNxzDd8prmpjYvI3RlXTaNzP5ZZZLTnUc4SdVFSTAz2FzHkDjocN-UJrYIHObU8BjBDENRFMEh2AFNMmvTwsrE~Vnopr0UAjZdtOo85B1cjX7g5gXSugOPvi03jHRNDfZ50J2dw8PA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1440124637&Signature=iTLrN33rYneHrXHs8YfyF2DrW1jXnaqCdJWlC9r4DeNA5ukSKqVyCZeDxJOmR-NStMGu-zU3NAbPHtXL0keSg3hhZviwNEhCELEhZUbZemJ11wmzvCdOo3LTDPF6vuYgqFlNXwmKlAAog4Aa19H0FnyLGzJjivR-z2Dhddu1CHs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1430937505&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=NmeNrEaiGqvLrJQ7IQr77P5vlC9T9V7Ma~6-Jc5QvKY2I7XbU5rm7bA3Xe36b4Oj7TynNJPUilPLbvlY4g5ObcoDI3T2qPn9OT0uxGMgVCSkUdWww8jeDQxfBTSoKYxOfOPCuIOhXkFOgsGNK-4wl86YU-Etr5Ivfs8HskPBAcM_&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1476453502&Signature=Fczk94qAC7hGbmALqJtfQCvdDvhsTi37hkieVhCMoN-8DhbO5iL-6tGAs6E3fCEC0hTNeRvj2X21g362xd7LgUM2Vi7hZqA6jazWbzv2mRHnJYPTTAtyrdMA-eMc9ChUwPgW0~JvmIMjeytNUddhNy~GKFVFCFIuV~pG-VGwmys_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1449961936&Signature=Xb4ibAOnSA0gkF8dHplqOWr1CkKOemWN~ssd62ptSg0i8tTXRrHpUxC3BWwsByAA4jmUXBKTzbLLdxsBuYITei5LgjX-TxusgNjHN9YVCdd17RiQ4hyzBMRhk8DTgdqQgx9ghC-RF5uJ2zkjg~i0g3Irruo1pznstYH-Q3EzxpQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1457018828&Signature=d66du-z1Fu~oWaVFNQ0ihYkzdM2XhWp8w9~tRXiYtke2QFZLAcsJLQgMngV96bvUuJ2HjIoBuDcw~05HEyh3XxGEFCc2GRBz8QZQe-Nt9q9q8-876Dt2y~HLJLt8MjbURojoXFlzgnJFEEaO8oJJ-TQlb6fg7r0vQ7YcBVz7fJ0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1446416680&Signature=D6scZ7HNDUUcEI46mHl2rBxnkVYqbwigPzj6SHKrO1p2CDayEvpkm3s74VTGemAktCpZezN5MNYLKs0aDaLJQwf44CtyVaNxtf4wG8acDN1Rc4AOowoBcqvmT0d0gfu0zl34VAHkZSialt854GzyX7aByzS6kfJYb~JS~-VmCTY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1464455859&Signature=Bi4txTyfZ72FMpFVXbSR47Amt-Ro2YK~UDIsVGD877B~aAF-~y5yPuVT9d1sPMfehHg4DngBkRT-4TtDBflD3hIgOO5Bp2G65BPUMj03W4UK0i7noTu7aPz2ReBECrR-ZBIrod8EbY8WZshyEvog6X3OtcsD1lKLb~W-XEPNqgA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1456641613&Signature=eHAGzIYjKgOTGtGKrJJv~UvalrIHVy6t6YvInnzP3ZUF498kTjAvpfjStr-PvHrTH-~fYbXDeTsPIM3OcoU5ZEsrdaoez4TXTlyebT~ebaVTeVUA-djF9RoTbEUDCmi6r6M~ofJDBtffMC9qfyMKKm6XeHdLfMEvS7dN5d3Et18_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1478233364&Signature=TEoCQoG0RMTJTUIFVwMY5PejkzpVZ9p8HMbnF2Eolh42dxt7ODTsypg9H716-79WgG6b0OITfK5KzfQr76VJ09UWrNgj6g-BGVwGdabGXIlkiYm0fJ93TSeDsrKNQLzJfCYJPrGOdFtWQFZKf2sMFhMTss0bpVzJsIg4adXYFA4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1443901973&Signature=Lx~Gw1FNNmVZ0MBYmxouqn-DIaMZ9dKkjeRiT8xDXqCvzGjqHCG3az~wQs-i93B6eRNPfGXAaEOS6Ke4U6JqvkQ3XoBNNl72wHxvVIaL~1sVqalogvaf8xp7sEcYHHYQO625J9RWU7uo8Z1TkRxiRaDTFwv5gR-RfyQYqOLhh70_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1477562265&Signature=dDLtja22Ng~3JfYj8z7Lj0wkHUs15sLPh8J1ggWi8iBTHLqhGFgTXYGie0D64bdDOVgNSdPUdknAMjnhWoaExTAzPak33laSIyIAYnArdRgJqbA4-C14BX29EOe9Oe7RyBPrykxn-nl4f3kQLriCgdeRMkKp3Zqjh~NIpoBcwtk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1452917077&Signature=f5hhpqX3Sxo4qg8jOnAYW~PkoXBy0afC9oOa728Yy~CtMuole-dPniMX3aG9WI915yB2Z7oQVr8UiaNfrkhFd4U6OHiNojg8yV8FfmVqPxQjuz3JAYdRuEiXcRbxrYk81ZO~SEUbxI5k-W-IhUN-~4-ZQ2F8NkD54Y5N-m1X9gM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1477778854&Signature=NQc-h8IbCZYpmkd7QPElw5e0t4iyrmmaa3d~8p5sg8zTbFHQAmHxKOJVfwFv6pqj2CL55lgpVzHq1gBbIno-B86gpbjJEfYJ9f04C9GbMR4HZFZV4EtO05802FG77H-b7DVT-UEM0O8z~AnGJHnF8iW2pJSKz8nExEL1ljUNyYk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1477509544&Signature=TGrgAgHIsrFsfqdmkIAiknGAnywHPWoCPgMT3dxItf4PDcEfjn7E3Ue80PEJiKYqs4kD~jGVceBELTUvNkT-qzTzhYRGW-ZtBo3JN-G6krVZNOQFFppwAD-oFz8jTXD7Dz7wsOE~0vKM89ZQOj9bNbzW1kDLLX5vR9wqkRdW8mY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1478505914&Signature=Yei1ZcnxXfJowNPM8LRdS5UBvWtNsW~3iZ-ouTgX87lwtFASmNYoTdnTThKOJ~oLoCSvZlciO-Q8YNfORMd3plncF8D1TSTOVTv3FffKfyjSB0Kgk3eBkFyouG8AOb03uEyu77VH9tjtS2oJPYvdQGNiR4~BTAUfQ1woIVBG2nA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1446508574&Signature=PyCkYijWMKozOeqwFyf8se2ovKn9vqryDQBlt2n5q8O-pvYzADqHheYk-JIJYOqn67rMb910cqBv8kmf2cKbNnDzlMH83oGcArPjRGJgBPoMkwSmB6OjqnjLx3y6Pgtr2XaGLPw2doxbJZY7iJI0hNs6W8D6R-hqXBRQsRcR6CU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1441774594&Signature=TRgBNr0nVmzB-P2UuLy8gnTVIUDPdilsZ5Zl5vMH4o52o2zjzVq~efG~QPrg1SsNBTMYx4BiklsIqkavq6AA94UdRWfWgwQettT~g-kZNXfm643Uv~S5m9IcodqyCim83OGsdhDtm~~LqoQeaKHPWSUGNMV9c9Ea-7Dve19e-6M_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1470777336&Signature=GC5zheiHTJLSTMAM3lSvYvGW67i2dM5RHlWG7e-nXpHB-KPwWwjVXG0yXgVB5OQNKR97KGRdkRgZonwA56oXlT7ysxSVDslPtcbs1oHp5rJ5dZv9W-xcQKlptTnW8fDslzEA-JJK2wX1dy4joD0YD69CGRufBM~f4FbNZV2ph9w_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1470464191&Signature=T5XOhBRHLktxUZwPZVPerNrAXZ4jDgdF7dsysSJ9OEHxnG1fcpT3CobjSJizxxphpzZDDE5icA1FiE-PLXaI9oA17pkdzVHo1NdGTAJKYLkBMpeMyMFKNhcSoR2S4vOdHoKhoYKM01p9wrrFesRMQTKP5~3JJGca6g0KORI5MxU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1462927694&Signature=DU1oJD~Pa0l64ba7q17A-7jsofLRTQfeKhbt5WQAnb9fk514B-vwyW7Jt3t-M~RBxDX43wa~m9xva-Dy~v4iEvLKZkCUanY-C9SVAVXQFSx-XbJXNLN2bNi1PKOgxM81icu550oEGnsy-CQKU47D1-hYOHX7OLzS-QZ0Jdoq~mQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1459725519&Signature=V9a5lggNdP2~rtxpTTSitKxKZiO7IJGR1tpxdEQi~708bcda5R6Dz2gXW1aD0KI--SlfstEXPH5xVZBZhJAJlzqSvFlI2KXZFUIELMXU7vljUr8WNPolpUios9-SCEyJP3Zh908DXr2SXZV5vAYIg1t-J-zFxFzxugFXjEAYUng_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1427773804&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=h4iIdU1Y1RSM3m62~ixplyGRg9otS2VPEmwMrQwOeaw0LyGXldEB8FutQnQWtn2tmmrwP8tO~VF96BWfbturD7wC0hqbcq8Guhm6y6mq~TZ7VgrYbG646ytqLMVA8o5-w-MnrXyjO91KpPWqnULoJfFYp3oY7beKnIgtGdZHAu4_&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1449889156&Signature=UtY25CUAm4pfZ8pBhX10sL57RkHLrLP42t7Z5US3JnrTaKQp9avBEdLHP~R7-285N~RYDNcZCAK0T-mXPTsvaVjNF~ZUR4rQLRJTN6WXwvSTY~YFlrj0V~WTiPhynN05czFRb5COlZUlkefguFiCNG44h0WAk-NgQ6MNHrT~pJ8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1430345034&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=VOXa8E3-AXjo-OBoVupcx6IuTH06EJCyPKbcA8n5UmA5Qv6fj62Q3j2w8ZtZ8lkf81679XXN1I3C~dWXV8rdIurA5tTIZpkiqM6K1zaHLOTo65QizEfUUUf3xjaQ2qZRek1Dvk4BIOCVftB1M31pY4PJ~l5N7WFlhpdGsckr1RY_&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1447815000&Signature=HqztAdxlTqHUQlwSDMjM7BFzdj3ErnOYWR-Q5IZ9KHFJOt7hKN0noqJNyyE4A0vWcaqZz6LPphZNn3UAFWKjOLkGyVdJTkEiAPNDgJtJUp9rrhmeg6I60W-ZeNxtwRXYtVZ9UPvg5KAx5NEk2aa0ZtHN3~Cw9KvdtbbqXZap7eI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1448127438&Signature=PbowQH3CNVFofqTSBsZeUuZthkpO7paZJd~Gf6Lg12gQo9cvuvPEItddc9GPmdrhK1sy3Znbx~pOz-lKhBxMlgRQdgdn6bzuGN60uKu~QAJgRNZzK9fzcwq25cuSzXoyV8tjzfcdTplGGj4yo-gv9GVVQHaxNOaXtOJQnPsqyP0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1434267344&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=RyPVhfru5KTDaiYCSLir~pnIr4bWfJuqxF6x45c-x0GGPVH031LY7-QlbUQpCTDsKe3-KtKjR3OlgWENZ8apuhdLlUoJgnxHLciNavqRcuaRfmQ1CXoKmBADWwrk8va3UkJYVVKG6OOMJKdKibkad1T3wLxZumYdYeV9gun67GI_&filename=pdf995s.exe

http://gsf-cf.softonic.com/1d8/51d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19141&instance=softonic_en&type=PROGRAM&Expires=1439865955&Signature=WitB~g2esXsc89uYuK~OJKCaVDg7B91rSwtA1JRnZcvcy8fS~7GsEiGJhCbzBhv~e75LJBX1CG1du-wQQtnztGwrfJitCj62qCCDXyH---23D40eJQ5SPaMwegUMvn6h2~8C37-CcttvZsGcaz1BMzNSgk9IWNRDWhyTFInAqbs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pdf995s.exe

Latest 30 of 36 download URLs

Remove pdf995s_v10.1_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.