home

Splash.exe

WinPDFEditor

The executable Splash.exe has been detected as malware by 14 anti-virus scanners.
Publisher:
WinPDFEditor

Product:
WinPDFEditor

Description:
Edit PDF Easily.

Version:
2.00.0002

MD5:
aad25ab7d718ba32eab267bee62bb161

SHA-1:
bbed606c29d1c2e26f908c3e46bf77437d9340d2

SHA-256:
85270e0feee94fd14e2f566a06a3e5294e61fec3b39447a8b096246c54eb7570

Scanner detections:
14 / 68

Status:
Malware

Analysis date:
4/25/2024 10:44:27 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Trojan.Heur.VP2.Xm2@am!Ttybb
675

Avira AntiVirus
TR/Dropper.Gen
3.6.1.96

avast!
Sf:Virut-A [Trj]
2014.9-150401

AVG
Win32/Virut
2016.0.3153

Bitdefender
Gen:Trojan.Heur.VP2.Xm2@am!Ttybb
1.0.20.455

Emsisoft Anti-Malware
Gen:Trojan.Heur.VP2.Xm2@am!Ttybb
8.15.04.01.12

F-Secure
Gen:Trojan.Heur.VP2.Xm2@am!Ttybb
11.2015-01-04_4

G Data
Gen:Trojan.Heur.VP2.Xm2@am!Ttybb
15.4.25

IKARUS anti.virus
Virus.Win32.Virut
t3scan.1.8.9.0

Microsoft Security Essentials
Virus:Win32/Virut.gen!M
1.1.11502.0

MicroWorld eScan
Gen:Trojan.Heur.VP2.Xm2@am!Ttybb
16.0.0.273

NANO AntiVirus
Virus.Win32.Virut.hpeg
0.30.8.659

Total Defense
Win32/Virut!remnants
37.0.11523

Vba32 AntiVirus
suspected of Virus.Win32.Virut.1
3.12.26.3

File size:
796 KB (815,104 bytes)

Product version:
2.00.0002

Copyright:
http://www.WinPDFEditor.com

Original file name:
Splash.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (PRC)

Common path:
C:\Program Files\winpdfeditor\splash.exe

File PE Metadata
Compilation timestamp:
12/7/2014 9:21:10 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:PKqbB5Y0GIWFNjiL9wBjSK8qjd9TlPuNjiL9I3FexYx:lbB5OI90SK8Yd19IVB

Entry address:
0x17D0

Entry point:
68, 9C, 89, 49, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, 87, 63, D9, B9, E1, F7, 38, 4A, 93, DF, 51, C5, CC, F7, 4D, 0A, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 49, 00, 02, 50, 83, 02, 53, 70, 6C, 61, 73, 68, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 09, 9D, 71, 70, F2, C7, B0, CA, 41, 93, 99, 5D, 7C, 7F, 48, 0A, 75, 99, 6D, 52, 37, 7E, 70, 90, 43, 9A, 72, A5, BD, 16, 9D, D6, F6, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00, AA, 00, 60, D3, 93, 00, 00, 00...
 
[+]

Entropy:
6.4060

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
640 KB (655,360 bytes)

Remove Splash.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.