home

softonicdownloader_for_free-pdf-to-word-doc-converter.exe

Application Installer

The application softonicdownloader_for_free-pdf-to-word-doc-converter.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from free-pdf-to-word-doc-converter.ar.softonic.com.
Product:
Application Installer

Version:
1.41.8.18

MD5:
692429b1d2299fc7e281d0156e16d2e9

SHA-1:
ac52ab0d9b87cb1461484400e04d1c68627b3a6f

SHA-256:
43b286fbc0e3fe2936e79a071b8712e6ee2ba05480133b97c9aeae8eeb50648b

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 9:44:53 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Softonic.Bundler.Installer.Meta (L)
16.6.17.20

File size:
443.7 KB (454,320 bytes)

Product version:
1.41.8.18

Copyright:
Copyright (C) 2014

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\softonicdownloader_for_free-pdf-to-word-doc-converter.exe

File PE Metadata
Compilation timestamp:
11/18/2014 12:39:25 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:XhhLEGStlQS+N49iGNQfUyYoSwMWFOXRQc3nRdCh0:XhOGS3QhNWmfLFOXac3nzN

Entry address:
0xFA0A0

Entry point:
60, 8D, 35, A6, CB, D8, FE, 8A, F0, 8D, 1D, A9, 63, A4, A8, 0F, A5, EF, 69, C9, 16, 74, AB, EB, 0F, CF, 49, 42, 42, 0F, BA, ED, E6, 0F, AD, C7, BB, 00, 00, 00, 00, 69, D3, CF, A5, 88, CC, 69, D0, C9, 49, 2C, 27, 3D, 73, 4D, BA, 51, 03, DA, 0F, AC, CA, 99, 0F, C8, 49, 8D, 15, C4, 3C, 5D, 5B, 8B, F3, FF, CD, C7, C1, 01, 64, F1, 59, 89, D5, 88, EF, 8D, 3D, 13, BE, C1, DA, F3, 68, E9, 73, D2, 00, 4A, 0F, BA, E5, BF, 0F, AC, C7, 67, C7, C6, D3, B8, 8E, C0, 68, 1C, 99, 77, 00, 50, 0F, BE, D2, E8, 13, 00, 00, 00...
 
[+]

Entropy:
7.9716  (probably packed)

Code size:
320 KB (327,680 bytes)

The file softonicdownloader_for_free-pdf-to-word-doc-converter.exe has been seen being distributed by the following URL.

http://free-pdf-to-word-doc-converter.ar.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flaaLo6SilpY=

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.