» pdfannotator.exe
Overview
Analysis
File Details

pdfannotator.exe

The application pdfannotator.exe has been detected as a potentially unwanted program by 23 anti-malware scanners.

File name:

pdfannotator.exe

MD5:

24e92c73aaeb8fb221a163469ab2b691

SHA-1:

1dacdcad7d6d1ad7878400550dc971367588bb44

SHA-256:

ad08a8ffe710e6c1c831e4b32e83227e289e025bb706bb5d66b0767c62433bbd

Scanner detections:

23 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 11:31:59 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.242107

925

Agnitum Outpost

Riskware.HackTool

7.1.1

Avira AntiVirus

TR/Crypt.XPACK.Gen3

7.11.162.22

Bitdefender

Gen:Variant.Kazy.242107

1.0.20.1030

Comodo Security

UnclassifiedMalware

18878

Emsisoft Anti-Malware

Gen:Variant.Kazy.242107

8.14.07.25.07

ESET NOD32

Win32/HackTool.Patcher (variant)

8.10111

Fortinet FortiGate

Riskware/Patcher

7/25/2014

F-Secure

Gen:Variant.Kazy.242107

11.2014-25-07_6

G Data

Gen:Variant.Kazy.242107

14.7.24

IKARUS anti.virus

Trojan.SuspectCRC

t3scan.1.6.1.0

K7 AntiVirus

Hacktool

13.180.12758

McAfee

Artemis!24E92C73AAEB

5600.7059

MicroWorld eScan

Gen:Variant.Kazy.242107

15.0.0.618

NANO AntiVirus

Trojan.Win32.XPACK.cwccab

0.28.2.60881

Norman

Troj_Generic.UXZHI

11.20140725

Panda Antivirus

Trj/Genetic.gen

14.07.25.07

Qihoo 360 Security

Win32/Trojan.160

1.0.0.1015

Sophos

Generic PUA BN

4.98

Trend Micro House Call

TROJ_GEN.R0CBC0OGG14

7.2.206

Trend Micro

TROJ_GEN.R0CBC0OGG14

10.465.25

VIPRE Antivirus

Trojan.Win32.Generic

31344

Zillya! Antivirus

Trojan.Genome.Win32.202994

2.0.0.1860

File size:

15 KB (15,360 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\pdf annotator 5.0.0.502\cracked file\pdfannotator.exe

File PE Metadata

Compilation timestamp:

4/13/2012 7:27:44 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

192:MwHVFLYUGVkkaXG+NW/OGIRrwgGTsgqZC1UWre1Q87+T966uWZd49s5W:MwHfL9GNaX7NWGD01VreW8U96606W

Entry address:

0x1702

Entry point:

E8, 6B, 11, 00, 00, EB, 0A, 66, 81, 38, 22, 20, 75, 02, EB, 06, 40, 80, 38, 00, 75, F1, A3, CC, 42, 40, 00, 6A, 00, E8, 60, 11, 00, 00, A3, C8, 42, 40, 00, E8, 26, 10, 00, 00, 6A, 00, E8, 3B, 14, 00, 00, E8, 86, FF, FF, FF, E8, D4, 03, 00, 00, C7, 05, E0, 52, 40, 00, 44, 00, 00, 00, E8, C9, 05, 00, 00, E8, 1D, 0B, 00, 00, 6A, 00, E8, 06, 11, 00, 00, 55, 8B, EC, 83, C4, FC, 60, 8D, 45, FC, 50, 6A, 00, FF, 75, 0C, FF, 75, 08, 6A, 00, 6A, 00, E8, DE, 10, 00, 00, 50, E8, C0, 10, 00, 00, 61, C9, C2, 08, 00, 55... 
[+]

Entropy:

6.0234

Packer / compiler:

Safeguard 1.0

Code size:

7 KB (7,168 bytes)

Remove pdfannotator.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.