SHA256: b9f19f605ba3a6d631229bd0d83ef272dfd199d9753327160e8d0ef044bf39cc
File name: Court_Notice_Jones_Day__Washington.exe
Detection ratio: 11 / 49
Analysis date: 2013-12-23 23:51:22 UTC ( 5 years, 1 month ago )
Antivirus Result Update
AhnLab-V3 ASD.Prevention 20131223
Baidu-International Trojan.Win32.Kuluoz.D 20131213
Commtouch W32/Trojan.NFNP-9149 20131224
F-Prot <W32/Trojan3.GYE 20131224
Fortinet W32/Zbot.FG!tr 20131223
Kaspersky UDS:DangerousObject.Multi.Generic 20131223
McAfee Downloader-FYJ!84FAE8803A2F 20131223
McAfee-GW-Edition Artemis!84FAE8803A2F 20131224
Microsoft TrojanDownloader:Win32/Kuluoz.D 20131223
Symantec Suspicious.Cloud.5 20131223
VIPRE Trojan.Win32.Generic.pak!cobra 20131224
Ad-Aware 20131224
Yandex 20131223
AntiVir 20131224
Antiy-AVL 20131223
Avast 20131224
AVG 20131223
BitDefender 20131224
Bkav 20131223
ByteHero 20130613
CAT-QuickHeal 20131222
ClamAV 20131223
CMC 20131217
Comodo 20131223
DrWeb 20131224
Emsisoft 20131224
ESET-NOD32 20131223
F-Secure 20131223
GData 20131224
Ikarus 20131223
Jiangmin 20131223
K7AntiVirus 20131223
K7GW 20131223
Kingsoft 20130829
Malwarebytes 20131224
eScan 20131224
NANO-Antivirus 20131223
Norman 20131223
nProtect 20131223
Panda 20131223
Rising 20131223
Sophos AV 20131223
SUPERAntiSpyware 20131224
TheHacker 20131223
TotalDefense 20131223
TrendMicro 20131224
TrendMicro-HouseCall 20131223
VBA32 20131223
ViRobot 20131223
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright © Copyright 2013 CoolPDF Software, Inc.
Product PDF Watermark Creator
File version 1.6.0.166
Description Setup PDF Watermark Creator
Comments This installation was built with Inno Setup.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-12-23 14:40:01
Entry Point 0x00002550
Number of sections 5
PE sections
PE imports
RegOpenKeyExA
GetDeviceCaps
SetWindowExtEx
LineTo
SetMapMode
DeleteDC
RestoreDC
MoveToEx
GetStockObject
SaveDC
PlayEnhMetaFile
CloseMetaFile
SetWindowOrgEx
CreateRectRgnIndirect
LPtoDP
CreateDCW
SetViewportOrgEx
DeleteMetaFile
CreateMetaFileW
GlobalFree
GetTickCount
GlobalUnlock
GetTempPathA
GetCurrentProcess
SizeofResource
LockResource
GetFileInformationByHandle
GlobalLock
GetCurrentThread
FindResourceExA
GetModuleHandleA
GetStartupInfoA
_lclose
GetTempFileNameA
EnumResourceLanguagesA
FreeResource
MoveFileA
LoadResource
CreateFileW
GlobalAlloc
VirtualAlloc
SetLastError
MapWindowPoints
SetFocus
GetParent
IntersectRect
EqualRect
OffsetRect
DefWindowProcW
FindWindowW
PostQuitMessage
DefWindowProcA
ShowWindow
SetWindowPos
SetWindowRgn
wvsprintfW
GetSystemMetrics
SetWindowLongW
IsWindow
GetClassInfoExW
RegisterClassExW
AdjustWindowRectEx
GetWindow
GetDC
GetKeyState
ReleaseDC
BeginPaint
SendMessageW
DestroyWindow
wsprintfW
EndPaint
LoadStringW
GetClientRect
SystemParametersInfoW
MessageBoxW
UnionRect
InvalidateRect
CharNextW
LoadImageW
GetWindowRect
DestroyAcceleratorTable
ExitWindowsEx
GetDesktopWindow
LoadCursorW
GetFocus
CreateWindowExW
GetWindowLongW
SetForegroundWindow
PtInRect
CallWindowProcW
IsChild
SetCursor
_purecall
__p__fmode
malloc
_acmdln
realloc
wcschr
__dllonexit
_cexit
_controlfp
strtol
_c_exit
_onexit
wcscmp
exit
_XcptFilter
_ftol
__setusermatherr
_adjust_fdiv
_except_handler3
_wcsnicmp
__p__commode
free
__getmainargs
memcpy
_exit
wcsstr
_initterm
__set_app_type
_wtoi
CoUninitialize
OleRegGetUserType
CoTaskMemAlloc
WriteClassStm
CoCreateInstance
OleSaveToStream
CoTaskMemRealloc
OleLoadFromStream
OleRegEnumVerbs
CoRevokeClassObject
CoRegisterClassObject
OleRegGetMiscStatus
CreateDataAdviseHolder
CoTaskMemFree
CoInitialize
CreateOleAdviseHolder
Number of PE resources by type
RT_STRING 6
RT_ICON 1
RT_MANIFEST 1
RT_RCDATA 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 7
ENGLISH US 4
PE resources
ExifTool file metadata
SubsystemVersion 5.0
Comments This installation was built with Inno Setup.
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 1.6.0.166
LanguageCode Neutral
FileFlagsMask 0x003f
FileDescription Setup PDF Watermark Creator
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 16896
EntryPoint 0x2550
MIMEType application/octet-stream
LegalCopyright Copyright 2013 CoolPDF Software, Inc.
FileVersion 1.6.0.166
TimeStamp 2013:12:23 15:40:01+01:00
FileType Win32 EXE
PEType PE32
ProductVersion 1.6
UninitializedDataSize 0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName CoolPDF Software, Inc.
CodeSize 105984
ProductName PDF Watermark Creator
ProductVersionNumber 1.6.0.166
FileTypeExtension exe
ObjectFileType Executable application

File identification
MD5 84fae8803a2fcba2d5f868644cb55dd6
SHA1 13cbca5530c0303c49a4be6011a35d429b5adb4d
SHA256 b9f19f605ba3a6d631229bd0d83ef272dfd199d9753327160e8d0ef044bf39cc
ssdeep 1536:TJd5W595RKrCfDDQrw0ikBEBronHXWGBuuCKQrowzvhAr0HDeP4jwCXfzFt2yL/x:F4Kr+DkiHBMGfz/hzvfje4RvJIM6C7R
authentihash 56d85167a36a9881c9574cd36647b18f1d52143806a7a167b475daf1297ded64
imphash 21e628d6796af6fac02c668b8abab472
File size 121.0 KB ( 123904 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe
VirusTotal metadata
First submission 2013-12-23 22:28:37 UTC ( 5 years, 1 month ago )
Last submission 2018-08-19 02:51:39 UTC ( 6 months ago )
File names 84fae8803a2fcba2d5f868644cb55dd6.exe
file-6387069_
court_notice_jones_day__washington.exe
Court_Notice_Jones_Day__Washington-v2.exe
007413114
Court_Notice_Jones_Day__Washington.exe
c-9c209-1143-1387837801
vti-rescan
Advanced heuristic and reputation engines
Behaviour characterization
Zemana
dll-injection
