vspdfreader.exe

eXPert PDF Reader

visagesoft

This is a setup program used to install the application. The file has been seen being downloaded from dc168.gulfup.com.

Publisher:
visagesoft

Product:
eXPert PDF Reader

Version:
1.5.1080.0

MD5:
87b24a343fee99c939dde98ea72a70bf

SHA-1:
72d58c6ab860bef6a4bc2afcb3a10672773ff937

SHA-256:
24f2c09d0ec93297d91440ee1dd668ea0c5c1cad51c0d9defe1b93892ce57288

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
4/25/2024 7:17:19 AM UTC

Scan engine | Detection | Engine version
Bkav FE | W32.HfsReno | 1.3.0.6267
IKARUS anti.virus | Trojan.Win32.Sasfis | t3scan.1.8.3.0
McAfee | Generic Malware.bj | 5600.6933

File size:
9.2 MB (9,695,744 bytes)

Product version:
1.5.0.0

Copyright:
Visagesoft

Trademarks:
Visagesoft

Original file name:
vspdfreader.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\vspdfreader.exe

File PE Metadata
Compilation timestamp:
10/26/2007 11:03:21 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:zaRvOXjFJBFcqus8mANA2widfKyguEnleMHQc6y7K4pDQem8jgMK5GVz7:WRvOXjFJBFcqus5AJfKyvmeWEemYK5y

Entry address:
0x990000

Entry point:
90, 90, 90, 90, 90, 90, 90, 90, 90, 9C, 83, EC, 04, 60, E8, FD, D3, 01, 00, 61, 9D, C3, 36, 08, 99, 00, 00, 00, 00, 00, 00, 00, 00, 00, BE, 0E, 99, 00, 5A, 08, 99, 00, 4A, 08, 99, 00, 00, 00, 00, 00, 00, 00, 00, 00, 0E, 0F, 99, 00, 6E, 08, 99, 00, 52, 08, 99, 00, 00, 00, 00, 00, 00, 00, 00, 00, 29, 0F, 99, 00, 76, 08, 99, 00, 7E, 08, 99, 00, 00, 00, 00, 00, 00, 00, 00, 00, 38, 0F, 99, 00, 9E, 0B, 99, 00, 86, 08, 99, 00, 00, 00, 00, 00, 00, 00, 00, 00, 43, 11, 99, 00, A6, 0B, 99, 00, 8E, 08, 99, 00, 00, 00...
Code size:
5.4 MB (5,691,904 bytes)

The file vspdfreader.exe has been seen being distributed by the following URL.

Scan vspdfreader.exe - Powered by Reason Core Security