× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a6cb6905775a7c4995222b3d91e7513a405d0cd183b7106dd713e720b2a4762a
File name: 30aae526f5c4b474cc5e81c12fd73986.exe
Detection ratio: 49 / 57
Analysis date: 2015-02-15 13:23:45 UTC ( 2 months, 1 week ago )
Antivirus Result Update
ALYac Trojan.GenericKD.1464612 20150215
AVG Zbot.EOY 20150215
AVware Trojan.Win32.Meredrop 20150215
Ad-Aware Trojan.GenericKD.1464612 20150215
Agnitum Trojan.DL.Kuluoz!Ea/CsFzlGVY 20150215
AhnLab-V3 Trojan/Win32.Kuluoz 20150215
Antiy-AVL Trojan[Downloader]/Win32.Dofoil 20150215
Avast Win32:Malware-gen 20150215
Avira TR/Agent.byr 20150215
Baidu-International Trojan.Win32.Dofoil.rqh 20150215
BitDefender Trojan.GenericKD.1464612 20150215
Bkav W32.DownloadZortobA.Trojan 20150213
CAT-QuickHeal TrojanPWS.Zbot.Gen 20150214
Comodo Backdoor.Win32.Androm.BMUN 20150215
Cyren W32/Trojan.BDDH-7155 20150215
DrWeb BackDoor.Kuluoz.4 20150215
ESET-NOD32 Win32/TrojanDownloader.Zortob.B 20150215
Emsisoft Trojan-Downloader.Win32.Kuluoz (A) 20150215
F-Prot W32/Trojan3.GVP 20150215
F-Secure Trojan.GenericKD.1464612 20150215
Fortinet W32/Dofoil.AFGZ!tr.dldr 20150215
GData Trojan.GenericKD.1464612 20150215
Ikarus Trojan-Downloader.Win32.Dofoil 20150215
K7AntiVirus Trojan ( 0001140e1 ) 20150215
K7GW Trojan ( 0001140e1 ) 20150215
Kaspersky Trojan-Downloader.Win32.Dofoil.rqh 20150215
Kingsoft Win32.Troj.Agent.zz.(kcloud) 20150215
Malwarebytes Trojan.Dofoil 20150215
McAfee Backdoor-FBSO 20150215
McAfee-GW-Edition Generic.ru 20150214
MicroWorld-eScan Trojan.GenericKD.1464612 20150215
Microsoft TrojanDownloader:Win32/Kuluoz.D 20150215
NANO-Antivirus Trojan.Win32.Dofoil.csjzjm 20150215
Norman Kryptik.CDHR 20150215
Panda Trj/WLT.A 20150215
Qihoo-360 HEUR/Malware.QVM20.Gen 20150215
Rising PE:Trojan.Win32.Generic.163D9B53!373136211 20150214
Sophos Troj/Agent-AFGT 20150215
Symantec Trojan.Fakeavlock 20150215
Tencent Win32.Trojan-downloader.Dofoil.Liqs 20150215
TheHacker Trojan/Downloader.Zortob.b 20150213
TotalDefense Win32/Tnega.ATNT 20150215
TrendMicro BKDR_ZACCESS.ANQ 20150215
TrendMicro-HouseCall BKDR_ZACCESS.ANQ 20150215
VBA32 TrojanDownloader.Dofoil 20150213
VIPRE Trojan.Win32.Meredrop 20150215
ViRobot Trojan.Win32.A.Downloader.209920.KV[h] 20150215
Zillya Downloader.Dofoil.Win32.544 20150215
nProtect Trojan-Downloader/W32.Dofoil.209920 20150213
AegisLab 20150215
Alibaba 20150215
ByteHero 20150215
CMC 20150214
ClamAV 20150215
Jiangmin 20150214
SUPERAntiSpyware 20150215
Zoner 20150213
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Developer metadata
Copyright
© Copyright 2013 CoolPDF Software, Inc.

Publisher CoolPDF Software, Inc.
Product PDF Watermark Creator
File version 1.6.0.166
Description Setup PDF Watermark Creator
Comments This installation was built with Inno Setup.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-12-19 11:28:38
Link date 12:28 PM 12/19/2013
Entry Point 0x00002180
Number of sections 4
PE sections
PE imports
RegOpenKeyExA
GetDeviceCaps
SetWindowExtEx
LineTo
SetMapMode
DeleteDC
RestoreDC
MoveToEx
GetStockObject
SaveDC
PlayEnhMetaFile
CloseMetaFile
SetWindowOrgEx
CreateRectRgnIndirect
LPtoDP
CreateDCW
SetViewportOrgEx
DeleteMetaFile
CreateMetaFileW
GetCurrentProcess
CreateFileW
GlobalAlloc
GetCurrentThread
VirtualAlloc
GetProcessHeap
MapWindowPoints
SetFocus
GetParent
IntersectRect
EqualRect
OffsetRect
DefWindowProcW
FindWindowW
PostQuitMessage
DefWindowProcA
ShowWindow
SetWindowPos
SetWindowRgn
wvsprintfW
GetSystemMetrics
SetWindowLongW
IsWindow
GetWindowRect
RegisterClassExW
AdjustWindowRectEx
GetWindow
GetDC
GetKeyState
ReleaseDC
BeginPaint
SendMessageW
DestroyWindow
wsprintfW
EndPaint
LoadStringW
GetClientRect
SystemParametersInfoW
MessageBoxW
UnionRect
InvalidateRect
CharNextW
LoadImageW
GetClassInfoExW
DestroyAcceleratorTable
ExitWindowsEx
GetDesktopWindow
LoadCursorW
GetFocus
CreateWindowExW
GetWindowLongW
SetForegroundWindow
PtInRect
CallWindowProcW
IsChild
SetCursor
strtol
_purecall
malloc
_except_handler3
__set_app_type
__p__fmode
realloc
__p__commode
__setusermatherr
wcschr
free
_onexit
wcscmp
_wcsnicmp
__dllonexit
_ftol
wcsstr
_controlfp
memcpy
_adjust_fdiv
_wtoi
CoUninitialize
OleRegGetUserType
CoTaskMemAlloc
WriteClassStm
CoCreateInstance
OleSaveToStream
CoTaskMemRealloc
OleLoadFromStream
OleRegEnumVerbs
CoRevokeClassObject
CoRegisterClassObject
OleRegGetMiscStatus
CreateDataAdviseHolder
CoTaskMemFree
CoInitialize
CreateOleAdviseHolder
Number of PE resources by type
RT_STRING 6
RT_ICON 3
RT_MANIFEST 1
RT_RCDATA 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 7
ENGLISH US 6
ExifTool file metadata
UninitializedDataSize
0

Comments
This installation was built with Inno Setup.

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.6.0.166

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
202752

MIMEType
application/octet-stream

LegalCopyright
Copyright 2013 CoolPDF Software, Inc.

FileVersion
1.6.0.166

TimeStamp
2013:12:19 12:28:38+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
5.0

FileAccessDate
2015:02:15 14:23:45+01:00

ProductVersion
1.6

FileDescription
Setup PDF Watermark Creator

OSVersion
5.0

FileCreateDate
2015:02:15 14:23:45+01:00

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
CoolPDF Software, Inc.

CodeSize
6144

ProductName
PDF Watermark Creator

ProductVersionNumber
1.6.0.166

EntryPoint
0x2180

ObjectFileType
Executable application

File identification
MD5 30aae526f5c4b474cc5e81c12fd73986
SHA1 5fd41d3ca9afbb56b2acce518e4c3ab32aba1c18
SHA256 a6cb6905775a7c4995222b3d91e7513a405d0cd183b7106dd713e720b2a4762a
ssdeep
1536:syp+TIXxicpRclRUjOv60/3/Lg2owc0aNaIKfIzwOS5oUJoFqWGVYL4sVsdWR:syAiTLclRU907sNaDfQfqUnsAR

authentihash 50258beab115654c1806a1e9b8c3618b58c210a42b9511d5f728802065edf173
imphash b8696615158a2b6a1ca7b622e59c1f5f
File size 205.0 KB ( 209920 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.1%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe

VirusTotal metadata
First submission 2013-12-19 14:41:02 UTC ( 1 year, 4 months ago )
Last submission 2015-02-01 15:07:03 UTC ( 2 months, 3 weeks ago )
File names License_Key_Document_Adobe_Systems_Incorporated.exe
file-6367059_
a6cb6905775a7c4995222b3d91e7513a405d0cd183b7106dd713e720b2a4762a
a6cb6905775a7c4995222b3d91e7513a405d0cd183b7106dd713e720b2a4762a.bin
vti-rescan
30aae526f5c4b474cc5e81c12fd73986.exe
c-eb3a8-1091-1387467901
E-Ticket.exe
30aae526f5c4b474cc5e81c12fd73986
Advanced heuristic and reputation engines
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!