home

pdfreader!.exe

CAD-KAS Kassler Computersoftware GbR

This is a setup program which is used to install the application. The file has been seen being downloaded from soft.mydiv.net and multiple other hosts.
Publisher:
CAD-KAS Kassler Computersoftware GbR  (signed and verified)

MD5:
9507f3a6023669dada44cebf492ccf4a

SHA-1:
4f43e7e0169340780c9df03318ba746e586d2b94

SHA-256:
19c6a181f038d694e948332cefc5d649173b728ac252123a23d7f318f91750a7

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 10:21:22 AM UTC  (today)

File size:
5.6 MB (5,861,040 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\pdfreader!.exe

Digital Signature
Signed by:
CAD-KAS Kassler Computersoftware GbR

Authority:
COMODO CA Limited

Valid from:
9/4/2012 1:00:00 AM

Valid to:
9/5/2017 12:59:59 AM

Subject:
CN=CAD-KAS Kassler Computersoftware GbR, O=CAD-KAS Kassler Computersoftware GbR, STREET=Angerstraße 23, L=Markranstädt, S=Sachsen, PostalCode=04420, C=DE

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
55242FD1BDD235E958CEFEFD601C32F0

File PE Metadata
Compilation timestamp:
6/9/2012 2:19:49 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:Ko9EKX1gJNVe/0w42tNjuW/sekDoDQxvcgTMgL0C5B1W0fEtPWy/H6GW7CrGrI4A:K4EUuJJyDCW/JVDLgLjlfyW6/W2ru7rk

Entry address:
0xAC87

Entry point:
E8, E3, FE, FF, FF, 33, C0, 50, 50, 50, 50, E8, 9F, 30, 00, 00, C3, 56, 57, 8B, 7C, 24, 0C, 8B, F1, 8B, CF, 89, 3E, E8, 8F, AB, FF, FF, 89, 46, 08, 89, 56, 0C, 8B, 87, 24, 0C, 00, 00, 89, 46, 10, 5F, 8B, C6, 5E, C2, 04, 00, 8B, C1, 8B, 08, 8B, 50, 10, 3B, 91, 24, 0C, 00, 00, 75, 0D, 6A, 00, FF, 70, 0C, FF, 70, 08, E8, 0E, B1, FF, FF, C3, 56, 8B, F1, 8B, 06, 85, C0, 74, 07, 50, FF, 15, C4, 40, 41, 00, 83, 26, 00, 83, 66, 08, 00, 83, 66, 0C, 00, 5E, C3, 56, 8B, F1, 80, 7E, 04, 00, 75, 34, 68, F4, 44, 41, 00...
 
[+]

Code size:
73 KB (74,752 bytes)

The file pdfreader!.exe has been seen being distributed by the following 31 URLs.

http://soft.mydiv.net/win/dlfilea0393_273518/.../pdfreader.exe

http://soft.mydiv.net/win/dlfileb0531_273517/.../pdfreader.exe

http://soft.mydiv.net/win/dlfile5f2d4_273518/.../pdfreader.exe

http://soft.mydiv.net/win/dlfile34866_273517/.../pdfreader.exe

http://soft.mydiv.net/win/dlfile5c15a_273518/.../pdfreader.exe

http://www.conecptbundlecenter.com/c?x=fIwI9FmIiXVQ2MMaVBGGv2XSZuuATeYHK5jUoXRLGe8=&c=upg9dQw/IvSR7kmjE8ZbxTvBISU8Rbm7Rp8gSLzJA9my4Cx5kQwsw3HG7TR1033NyaKM4SXOf/2GtvGFuIStodWhS3Ow0fVzLmjbb7JhZLENMOWkH4y26KbufdeS3xv0&downloadAs=PDF ReaderInstaller.exe&fallback_url=http://.../pdfreader!.exe

http://soft.mydiv.net/win/dlfileb2aea_273518/.../pdfreader.exe

http://soft.mydiv.net/win/dlfilef3607_273517/.../pdfreader.exe

http://soft.mydiv.net/win/dlfile62777_273517/.../pdfreader.exe

http://soft.mydiv.net/win/dlfile96daa_273518/.../pdfreader.exe

http://soft.mydiv.net/win/dlfile562de_273517/.../pdfreader.exe

http://soft.mydiv.net/win/dlfile1b6df_273518/.../pdfreader.exe

http://relizua.com/.../go.php?url=aHR0cDovL3d3dy5jYWRrYXMuZGUvcGRmcmVhZGVyIS5leGU=

http://soft.mydiv.net/win/dlfile0e249_273517/.../pdfreader.exe

http://soft.mydiv.net/win/dlfiled13ce_273518/.../pdfreader.exe

http://www.capitalheartlaboratory.com/ilM2_P6Wp8_f08DLKC015eAqjIuS7OzaQ99mZWve_7bHAz1xSkyBuWrkVQd_EdKuUtf8mA7rf 5oZYee6LPQa6 xiAt9wENn5utpCh0DFB1V2aBGIMZMWxOS8JuN5SWazTkKOXgiZVbou77Gf0N4y jH9yB6gRZQAqLBLXxq WXpE MUTGgM3ew8jRU2brfPu3rp24vKm_OJBE4wFn4vh1MGoltUCbF8QDoCbuUUnutE4Py9zFbt_0FyweXeoEVxCB5HVHZwWs8rJZfuHILCAi9dnKy4fmJ_ IZhuG2fKyuEFz6aNTWcjtkyJOuAULVeT17JM1yIHoum81gUp Qyj9Tw_MCyTn5mutfiODffJPajP EWEJLmeC UjhwqLAb_4twGhc9ysqS_6Aybd3KiuCerFAwcdg==-ixGAaHR0cDovL3d3dy5jYWRrYXMuY29tL3BkZnJlYWRlciEuZXhlAw==-e

http://soft.mydiv.net/win/dlfile00908_273517/.../pdfreader.exe

http://www.capitalheartlaboratory.com/rpeAdb3XmG0iDrsHTAh2U_qVpQJiBpixGw6k5jGxZvuTrEkM79lwSg6Y26ZQlC 7o2spjgspeRsae0Re4EvY8J_Jpcy_fbC_2vcu3akNvBn liCY7aTEbEWqk21izIh2WdpF0hrVEuUuLAYPzDZsG55xuSPsBS7g5Y0M2FlazUl9bE1jA3 fWrwY9cYOXWHfgkU14RHvN4aTAK4Zh0oODgNDfCrsWa3BOl5T v0homuTJYjZKEszs iCIHSo6SWc YxU8Yq9GJDdQYg8F1FjvnEs8 fVKLErAki4t6eSTKdRH00D2EgCrCOVIIeY4vPbC2gUrlIchDmGeDH5GA qN18irYuB8KjouHQk3 5Su EC 4aP7UsiBT93kzhwSOgOnX2kEuVgX6ORgaOixv23Y8vsrcWvg==-ixGAaHR0cDovL3d3dy5jYWRrYXMuY29tL3BkZnJlYWRlciEuZXhlAw==-e

http://soft.mydiv.net/win/dlfile683f8_273517/.../pdfreader.exe

http://www.winsite.com/go/download/.../

http://soft.mydiv.net/win/dlfile22359_273518/.../pdfreader.exe

http://soft.mydiv.net/win/dlfilee6d44_273518/.../pdfreader.exe

http://soft.mydiv.net/win/dlfiled210e_273517/.../pdfreader.exe

http://soft.mydiv.net/win/dlfile2debe_273517/.../pdfreader.exe

http://www.cadkas.de/pdfreader!.exe

http://soft.mydiv.net/win/dlfile2911e_273517/.../pdfreader.exe

http://soft.mydiv.net/win/dlfile4158c_273518/.../pdfreader.exe

http://soft.mydiv.net/win/dlfileb9b57_273518/.../pdfreader.exe

http://soft.mydiv.net/win/dlfile23a5d_273517/.../pdfreader.exe

http://cdn.menacdndownloadfiles.com/c?x=ybrJ8fNOuwIStMcRkS7fLIhAYw5RpNw74uMi 70NOPc=&c=cK4LU2wZewNNnMXiYt3PeAaF7g qCCAI4UpNHaO qpp9IX5Dq3HMldzK6i97jEGcj1bC70ZYAP0eqhhZ e6ASg==&downloadAs=PDF ReaderInstaller.exe&fallback_url=http://.../pdfreader!.exe

Latest 30 of 31 download URLs

Scan pdfreader!.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.