× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 11f8db3496ef2a1db6db0585e771550b42d7f555ef667e0f92f40ea32a47903b
File name: setupdoc2pdf.exe
Detection ratio: 0 / 68
Analysis date: 2017-12-10 23:06:07 UTC ( 7 months, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware 20171210
AegisLab 20171210
AhnLab-V3 20171210
Alibaba 20171208
ALYac 20171210
Antiy-AVL 20171210
Arcabit 20171210
Avast 20171210
Avast-Mobile 20171210
AVG 20171210
Avira (no cloud) 20171210
AVware 20171210
Baidu 20171209
BitDefender 20171210
Bkav 20171208
CAT-QuickHeal 20171209
ClamAV 20171210
CMC 20171208
Comodo 20171210
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20171211
Cyren 20171210
DrWeb 20171210
eGambit 20171211
Emsisoft 20171210
Endgame 20171130
ESET-NOD32 20171210
F-Prot 20171210
F-Secure 20171210
Fortinet 20171210
GData 20171210
Ikarus 20171210
Sophos ML 20170914
Jiangmin 20171210
K7AntiVirus 20171210
K7GW 20171210
Kaspersky 20171210
Kingsoft 20171211
Malwarebytes 20171210
MAX 20171210
McAfee 20171210
McAfee-GW-Edition 20171210
Microsoft 20171210
eScan 20171210
NANO-Antivirus 20171210
nProtect 20171210
Palo Alto Networks (Known Signatures) 20171211
Panda 20171210
Qihoo-360 20171211
Rising 20171210
SentinelOne (Static ML) 20171207
Sophos AV 20171210
SUPERAntiSpyware 20171210
Symantec 20171210
Symantec Mobile Insight 20171207
Tencent 20171211
TheHacker 20171210
TotalDefense 20171210
TrendMicro 20171210
TrendMicro-HouseCall 20171210
Trustlook 20171211
VBA32 20171208
VIPRE 20171210
ViRobot 20171210
Webroot 20171211
WhiteArmor 20171204
Yandex 20171208
Zillya 20171209
ZoneAlarm by Check Point 20171210
Zoner 20171210
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (c) 2017 Batchwork Software

Product Batch Word to PDF Converter
File version 2017.9.1204.2074
Description http://www.batchwork.com
Comments This installation was built with Inno Setup.
Packers identified
F-PROT INNO, appended, Unicode
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1992-06-19 22:22:17
Entry Point 0x00009C40
Number of sections 8
PE sections
Overlays
MD5 0df5055a9603aa917de7b2a75829f33f
File type data
Offset 54272
Size 1007678
Entropy 8.00
PE imports
LookupPrivilegeValueA
RegCloseKey
OpenProcessToken
RegQueryValueExA
AdjustTokenPrivileges
RegOpenKeyExA
InitCommonControls
GetSystemTime
GetLastError
GetEnvironmentVariableA
GetStdHandle
EnterCriticalSection
GetUserDefaultLangID
GetSystemInfo
GetFileAttributesA
GetExitCodeProcess
ExitProcess
CreateDirectoryA
VirtualProtect
GetVersionExA
RemoveDirectoryA
RtlUnwind
LoadLibraryA
DeleteCriticalSection
GetCurrentProcess
SizeofResource
GetLocaleInfoA
LocalAlloc
LockResource
IsDBCSLeadByte
DeleteFileA
GetWindowsDirectoryA
GetSystemDefaultLCID
SetErrorMode
MultiByteToWideChar
GetCommandLineA
GetProcAddress
FormatMessageA
SetFilePointer
RaiseException
WideCharToMultiByte
GetModuleHandleA
ReadFile
InterlockedExchange
WriteFile
CloseHandle
GetACP
GetFullPathNameA
LocalFree
CreateProcessA
GetModuleFileNameA
InitializeCriticalSection
LoadResource
VirtualQuery
VirtualFree
TlsGetValue
Sleep
GetFileType
SetEndOfFile
TlsSetValue
CreateFileA
FindResourceA
VirtualAlloc
GetFileSize
SetLastError
LeaveCriticalSection
SysStringLen
SysAllocStringLen
VariantCopyInd
VariantClear
VariantChangeTypeEx
CharPrevA
CreateWindowExA
LoadStringA
DispatchMessageA
CallWindowProcA
MessageBoxA
PeekMessageA
SetWindowLongA
MsgWaitForMultipleObjects
TranslateMessage
ExitWindowsEx
DestroyWindow
Number of PE resources by type
RT_STRING 6
RT_ICON 4
RT_MANIFEST 1
RT_RCDATA 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 7
DUTCH 4
ENGLISH US 3
PE resources
ExifTool file metadata
UninitializedDataSize
0

Comments
This installation was built with Inno Setup.

LinkerVersion
2.25

ImageVersion
6.0

FileSubtype
0

FileVersionNumber
2017.9.1204.2074

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
17920

EntryPoint
0x9c40

MIMEType
application/octet-stream

LegalCopyright
Copyright (c) 2017 Batchwork Software

FileVersion
2017.9.1204.2074

TimeStamp
1992:06:19 23:22:17+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
4.0

ProductVersion
2017.9.1204.2074

FileDescription
http://www.batchwork.com

OSVersion
1.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Batchwork Software

CodeSize
37888

ProductName
Batch Word to PDF Converter

ProductVersionNumber
2017.9.1204.2074

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 e8df8c441432a43e71ee2fe6ef5b05f4
SHA1 ec4a078b7645c6ef4c764d1fd7f9740a6a807d13
SHA256 11f8db3496ef2a1db6db0585e771550b42d7f555ef667e0f92f40ea32a47903b
ssdeep
24576:1nvWkgKoS0cAdyu+V3PhRASiKY7KjjgLUygRs7l:1vngKoSNs9SzcKvguS

authentihash 737e533ab08ef54673aac9d981bcf363e4802d1be1e5c16085604b0b6f04c706
imphash 884310b1928934402ea6fec1dbd3cf5e
File size 1.0 MB ( 1061950 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Inno Setup installer (77.7%)
Win32 Executable Delphi generic (10.0%)
Win32 Dynamic Link Library (generic) (4.6%)
Win32 Executable (generic) (3.1%)
Win16/32 Executable Delphi generic (1.4%)
Tags
peexe overlay

VirusTotal metadata
First submission 2017-12-04 11:06:48 UTC ( 7 months, 2 weeks ago )
Last submission 2017-12-10 18:24:08 UTC ( 7 months, 1 week ago )
File names setupdoc2pdf.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Runtime DLLs