home

soda_3d_7_installer.exe

Soda PDF 3D Reader Installer

LULU SOFTWARE LIMITED

This is a self-extracting archive and installer. This is the uninstaller utility registered in the Windows Control Panel for the program Soda PDF 3D Reader by LULU Software Limited. The file has been seen being downloaded from software.thaiware.com and multiple other hosts.
Publisher:
LULU SOFTWARE LIMITED  (signed and verified)

Product:
Soda PDF 3D Reader Installer

Version:
7.2.3.22591

MD5:
ac6ffc7f31edc26f258c57ae9a512eaf

SHA-1:
45fd5bb78db048cbd699d340f142298993ea2b71

SHA-256:
7c0e49e0a3ccb5d6c89c0587b126929e47bf4aca6b150d0a405bc3138712d561

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/19/2024 5:52:26 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsAdware
1.3.0.7062

File size:
5.7 MB (6,003,800 bytes)

Product version:
7.2.3.22591

Copyright:
© "LULU Software Limited" 2010-2015. All rights reserved.

Original file name:
PDF Installer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\soda_3d_7_installer.exe

Digital Signature
Signed by:
LULU SOFTWARE LIMITED

Authority:
VeriSign, Inc.

Valid from:
10/19/2014 5:00:00 PM

Valid to:
1/18/2017 3:59:59 PM

Subject:
CN=LULU SOFTWARE LIMITED, O=LULU SOFTWARE LIMITED, L=Ta'Xbiex, S=XBX, C=MT

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0768200E7F5A53461703AE577D989C30

File PE Metadata
Compilation timestamp:
3/24/2015 8:54:23 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:L0IB0N17mum19KQX6NWCj/nnnkmVnbcPw0sbFTXGfscwXuyJT2OcJ3qZCB92U8c1:gISjmumrxGWEnnLnbcMFjG0byOe2U/us

Entry address:
0xAC75C0

Entry point:
60, BE, 00, A0, 91, 00, 8D, BE, 00, 70, AE, FF, C7, 87, 30, AE, 51, 00, E1, D6, 36, 0C, 57, 83, CD, FF, EB, 0E, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB...
 
[+]

Entropy:
7.7861

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.22 (Delphi) stub

Code size:
5.7 MB (5,955,584 bytes)

Program Uninstaller
Program name:
Soda PDF 3D Reader

Display publisher:
LULU Software Limited

Display version:
7.2.3.22591

Uninstall string:
C:\ProgramData\Soda PDF 3D Reader\Installation\Soda_PDF_3D_Reader_Installer.exe /uninstall


The file soda_3d_7_installer.exe has been seen being distributed by the following 2 URLs.

http://software.thaiware.com/download_url.php?id=11254

http://sodapdf.com/get-free-pdf-reader

Scan soda_3d_7_installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.