» pdr6free.exe
Overview
Analysis
File Details
Programs (2)
Downloads (17)

pdr6free.exe

MiniTool Power Data Recovery

MT SOLUTION LTD

This is a setup and installation application. This is installed with multiple programs including MiniTool Power Data Recovery. The file has been seen being downloaded from power-data-recovery.soft32.com and multiple other hosts.

File name:

pdr6free.exe

Publisher:

MiniTool Solution Ltd. (signed by MT SOLUTION LTD)

Product:

MiniTool Power Data Recovery

Description:

MiniTool Power Data Recovery Setup

Version:

6.6

MD5:

8abc83b6f97aa431537f1a4708bdc997

SHA-1:

0d12d638b4adec56079eba96b9a1fb117b1a727e

SHA-256:

019e55947c361f6e9ed114ec42bf461c77e0bb22a32c1ef95791f5a81f37fc1f

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 4:11:46 PM UTC (today)

File size:

5.6 MB (5,915,680 bytes)

Product version:

6.6

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\??????? ???????\pdr6free.exe

Digital Signature

Signed by:

MT SOLUTION LTD

Authority:

GlobalSign nv-sa

Valid from:

6/27/2009 12:05:18 AM

Valid to:

6/27/2012 12:05:13 AM

Subject:

E=support@mt-solution.ca, CN=MT SOLUTION LTD, OU=IT, O=MT SOLUTION LTD, L=SURREY, S=BC, C=CA

Issuer:

CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:

010000000001221ECC020D

File PE Metadata

Compilation timestamp:

3/17/2011 12:22:54 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:s+gD5khaJWqopQjmk/E8Byou+jA6lHE2YWrheLISP95S9aMJHbbkOVAgbR+2rW:0mhnpQzEwyGj3PYAeLIPXJH0pgbR+2rW

Entry address:

0x16478

Entry point:

55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, B0, 52, 41, 00, E8, AC, 03, FF, FF, 33, C0, 55, 68, 45, 6B, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 01, 6B, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, 4E, EC, FF, FF, E8, F5, E7, FF, FF, 8D, 55, EC, 33, C0, E8, 7F, 84, FF, FF, 8B, 55, EC, B8, AC, D6, 41, 00, E8, E2, E9, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, AC, D6, 41, 00, B2, 01... 
[+]

Entropy:

7.9304

Developed / compiled with:

Microsoft Visual C++

Code size:

84 KB (86,016 bytes)

The file pdr6free.exe has been discovered within the following programs.

MiniTool Power Data Recovery by MiniTool Solution Ltd.

Publisher's description - “Unlike other data recovery software, MiniTool Power Data Recovery is an all in one data recovery software for home and business users.”

www.PowerDataRecovery.com

About 6% of users remove it

Toolwiz Time Freeze 2014 by ToolWiz

www.Toolwiz.com

About 1% of users remove it

The file pdr6free.exe has been seen being distributed by the following 17 URLs.

http://power-data-recovery.soft32.com/get/file/id/.../

http://www.filepuma.com/file/1469091504c2803/minitool_power_data_recovery_6.6/.../0/

http://download.s32cdn.com/30/299178/.../pdr6free.exe

https://d1ob5g40gc5b6g.cloudfront.net/30/299178/.../pdr6free.exe

http://csillagpor.org/.../power-data-recovery-free.exe

http://f51.softwaretop.net/2107tmp/cf/soft/2013/9/ba/.../minitol-partition-recovery_66.exe

http://www.filepuma.com/file/1461414115c2803/minitool_power_data_recovery_6.6/.../0/

http://download1470.mediafire.com/mdpg0ax7eogg/.../pdr6free.exe

http://downloads.hotdownloads.ru/.../pdr6free.exe

http://c36.softwaretop.net/2107tmp/cf/soft/2013/9/ba/.../minitol-partition-recovery_66.exe

http://www.programlar.com/.../?operation=download.complete&contentType=none&panel=client&module=prg&objectId=12LG4DJF2&random=20140428220311.29ul4oi6uild5024ccmneifi56.580

http://www.filepuma.com/file/1375403446c2803/minitool_power_data_recovery_6.6/.../0/

http://www.filepuma.com/down/1375403446c2803/minitool_power_data_recovery_6.6/.../0/

http://files.filepuma.com/files/system-utilities/.../MiniTool_Power_Data_Recovery_v6.6.exe

http://91.74.184.65/.../pdr6free.exe

http://software-files-a.cnet.com/s/software/12/17/24/.../pdr6free.exe

http://www.powerdatarecovery.com/.../pdr6free.exe

Scan pdr6free.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.