home

soda_pdf_3d_reader_installer.exe

Soda PDF 3D Reader Installer

LULU SOFTWARE LIMITED

The application soda_pdf_3d_reader_installer.exe by LULU SOFTWARE LIMITED has been detected as a potentially unwanted program by 15 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program Soda PDF 3D Reader by LULU Software Limited. The file has been seen being downloaded from download3d.sodapdf.com and multiple other hosts.
Publisher:
LULU SOFTWARE LIMITED  (signed and verified)

Product:
Soda PDF 3D Reader Installer

Version:
6.0.22.17373

MD5:
75ed88f1c57f737d0f76115746352be6

SHA-1:
d0b27c45e1d395a168c643c8ce8627b355f35f2b

SHA-256:
77cf827a0b4f99dda079f96f8058e870be72ad6532907a3f54ec36a1158fa913

Scanner detections:
15 / 68

Status:
Clean  (15 possible false positive detections)

Explanation:
Uses the InstallIQ (by InstallX) software bundler that may include toolbars and other browser extensions offers.

Analysis date:
4/30/2024 12:22:50 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.12426514
759

Agnitum Outpost
Riskware.Agent
7.1.1

avast!
Win32:Malware-gen
2014.9-150106

Bitdefender
Trojan.Generic.12426514
1.0.20.30

Dr.Web
Trojan.Domaiq.38
9.0.1.06

Emsisoft Anti-Malware
Trojan.Generic.12426514
8.15.01.06.01

ESET NOD32
Win32/InstallIQ (variant)
9.10967

Fortinet FortiGate
Riskware/InstallIQ
1/6/2015

F-Secure
Trojan.Generic.12426514
11.2015-06-01_3

G Data
Trojan.Generic.12426514
15.1.24

McAfee
Artemis!75ED88F1C57F
5600.6893

MicroWorld eScan
Trojan.Generic.12426514
16.0.0.18

nProtect
Trojan.Generic.12426514
15.01.05.01

Trend Micro House Call
Suspicious_GEN.F47V1218
7.2.6

VIPRE Antivirus
Trojan.Win32.Generic
36400

File size:
6.2 MB (6,452,824 bytes)

Product version:
6.0.22.17373

Copyright:
© "LULU Software Limited" 2010-2013. All rights reserved.

Original file name:
PDF Installer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\soda pdf 3d reader\installation\soda_pdf_3d_reader_installer.exe

Digital Signature
Signed by:
LULU SOFTWARE LIMITED

Authority:
VeriSign, Inc.

Valid from:
10/20/2014 2:00:00 AM

Valid to:
1/19/2017 12:59:59 AM

Subject:
CN=LULU SOFTWARE LIMITED, O=LULU SOFTWARE LIMITED, L=Ta'Xbiex, S=XBX, C=MT

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0768200E7F5A53461703AE577D989C30

File PE Metadata
Compilation timestamp:
6/17/2014 5:30:44 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:Pbq84yr7sAyDbBU8vOr24t0LOdTxQjRnkmVnbcPw0sbFT0qy1ZbsogBVrgNCDXbH:jqnyr7sRD9vO64pNxSLnbcMFfQZQbH

Entry address:
0xB61070

Entry point:
60, BE, 00, 50, 94, 00, 8D, BE, 00, C0, AB, FF, C7, 87, 3C, 52, 56, 00, E8, 96, 39, EA, 57, 83, CD, FF, EB, 0E, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB...
 
[+]

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.22 (Delphi) stub

Code size:
6.1 MB (6,410,240 bytes)

Program Uninstaller
Program name:
Soda PDF 3D Reader

Display publisher:
LULU Software Limited

Display version:
6.0.22.17373

Uninstall string:
C:\ProgramData\Soda PDF 3D Reader\Installation\Soda_PDF_3D_Reader_Installer.exe /uninstall


The file soda_pdf_3d_reader_installer.exe has been seen being distributed by the following 2 URLs.

http://download3d.sodapdf.com/download.ashx?productcode=sodapdf3D$params=uid=1001962&cmp=shell&mkey1=reader&mkey2=sodapdf.com/file-extension-cbr-cbz&key1=default&key2=default&keyb=default&partner=file_x_cbr_cbz_en$dwld=http://download3d.sodapdf.com/.../

http://sodapdf.com/.../download.aspx

Remove soda_pdf_3d_reader_installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.