» softonicdownloader_pour_pdf-xchange-viewer.exe
Overview
Analysis
File Details

softonicdownloader_pour_pdf-xchange-viewer.exe

The application softonicdownloader_pour_pdf-xchange-viewer.exe has been detected as a potentially unwanted program by 12 anti-malware scanners.

File name:

MD5:

cfd6041c77080bb84083afd086410ceb

SHA-1:

701764f2b5377ab607ab2274a834f31ec70b3419

SHA-256:

2760d51d896976bd4601359aea20d2262780e7a29d2a9e2030f3f6709856c710

Scanner detections:

12 / 68

Status:

Potentially unwanted

Analysis date:

4/18/2024 6:02:09 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.270938

927

Bitdefender

Gen:Variant.Kazy.270938

1.0.20.1015

Bkav FE

HW32.CDB

1.3.0.4959

Comodo Security

Packed.Win32.MUPX.Gen

18936

Emsisoft Anti-Malware

Gen:Variant.Kazy.270938

8.14.07.22.03

F-Secure

Gen:Variant.Kazy.270938

11.2014-22-07_3

G Data

Gen:Variant.Kazy.270938

14.7.24

Kaspersky

not-a-virus:Downloader.Win32.Agent

15.0.0.494

MicroWorld eScan

Gen:Variant.Kazy.270938

15.0.0.609

Quick Heal

(Suspicious) - DNAScan

7.14.14.00

Sophos

Mal/Frethog-B

4.98

VIPRE Antivirus

Threat.4786139

31208

File size:

348 KB (356,308 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\softonicdownloader_pour_pdf-xchange-viewer.exe

File PE Metadata

Compilation timestamp:

6/11/2014 9:41:03 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

6144:cYBtPdv3lkW5kCz3mlh6F/56lrlMzjAOI/odcmAKu1cMh2idu+pLFoSVIZK0ZJGu:vBtPp6Gmzw/spMjAj/oSvxCqFoSVB8r

Entry address:

0xEECD0

Entry point:

08, 00, 00, 29, C8, 8B, 6C, 24, 38, C1, F8, 05, 8D, 04, 02, 66, 89, 85, B0, 01, 00, 00, 8B, 44, 24, 58, E9, A0, 00, 00, 00, 89, F1, 29, C7, 29, C1, 89, D0, 66, C1, E8, 05, 66, 29, C2, 8B, 44, 24, 38, 81, F9, FF, FF, FF, 00, 66, 89, 90, B0, 01, 00, 00, 77, 16, 3B, 5C, 24, 4C, 0F, 84, A1, 04, 00, 00, 0F, B6, 03, C1, E7, 08, C1, E1, 08, 43, 09, C7, 8B, 74, 24, 38, 89, C8, C1, E8, 0B, 66, 8B, 96, C8, 01, 00, 00, 0F, B7, EA, 0F, AF, C5, 39, C7, 73, 20, 89, C6, B8, 00, 08, 00, 00, 29, E8, 8B, 6C, 24, 38, C1, F8... 
[+]

Code size:

308 KB (315,392 bytes)

Remove softonicdownloader_pour_pdf-xchange-viewer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.