× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d5ec477dc0b39867b39a56b9ca7652c8ea115533583d8b6211c1e4f53537bbb2
File name: licensekey_adobe.exe
Detection ratio: 40 / 48
Analysis date: 2014-01-06 11:15:17 UTC ( 3 months, 2 weeks ago ) View latest
Antivirus Result Update
AVG Luhe.Fiha.A 20140106
Ad-Aware Trojan.GenericKD.1467765 20140106
AhnLab-V3 Trojan/Win32.Agent 20140105
AntiVir TR/Crypt.ZPACK.24407 20140106
Avast Win32:Malware-gen 20140106
Baidu-International Trojan.Win32.Dofoil.Ay 20131213
BitDefender Trojan.GenericKD.1467765 20140106
Bkav HW32.CDB.8f0d 20140106
CAT-QuickHeal TrojanDownloader.Kuluoz 20140106
Commtouch W32/Trojan.MKDW-0603 20140106
Comodo UnclassifiedMalware 20140106
DrWeb BackDoor.Kuluoz.4 20140106
ESET-NOD32 Win32/TrojanDownloader.Zortob.B 20140106
Emsisoft Trojan.GenericKD.1467765 (B) 20140106
F-Prot W32/Trojan3.GXH 20140106
F-Secure Trojan.GenericKD.1467765 20140106
Fortinet W32/Zbot.FG!tr 20140106
GData Trojan.GenericKD.1467765 20140106
Ikarus Trojan-Downloader.Win32.Dofoil 20140106
K7AntiVirus Riskware ( 0040eff71 ) 20140103
K7GW Riskware ( 0040eff71 ) 20140103
Kaspersky Trojan-Downloader.Win32.Dofoil.rqs 20140106
Kingsoft Win32.Troj.Agent.zz.(kcloud) 20130829
Malwarebytes Trojan.Dofoil.FW 20140106
McAfee RDN/Generic.tfr!dt 20140106
McAfee-GW-Edition RDN/Generic.tfr!dt 20140106
MicroWorld-eScan Trojan.GenericKD.1467765 20140106
Microsoft TrojanDownloader:Win32/Kuluoz.D 20140106
NANO-Antivirus Trojan.Win32.Zortob.crnwuh 20140106
Norman Kryptik.CCGB 20140106
Panda Generic Malware 20140105
Rising PE:Trojan.Win32.Generic.163E5955!373184853 20140106
Sophos Troj/Agent-AFEX 20140106
Symantec Trojan.Fakeavlock 20140105
TotalDefense Win32/Kuluoz.dbYUIOD 20140105
TrendMicro BKDR_KULUOZ.NW 20140106
TrendMicro-HouseCall BKDR_KULUOZ.NW 20140106
VBA32 TrojanDownloader.Dofoil 20140105
VIPRE Trojan.Win32.ZAccess.qp (v) 20140106
nProtect Trojan.GenericKD.1467765 20140106
Agnitum 20140106
Antiy-AVL 20140106
ByteHero 20131226
ClamAV 20140102
Jiangmin 20140106
SUPERAntiSpyware 20140105
TheHacker 20140105
ViRobot 20140106
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block
Copyright
© Copyright 2013 CoolPDF Software, Inc.

Publisher CoolPDF Software, Inc.
Product PDF Watermark Creator
File version 1.6.0.166
Description Setup PDF Watermark Creator
Comments This installation was built with Inno Setup.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-12-21 08:15:08
Link date 9:15 AM 12/21/2013
Entry Point 0x00002590
Number of sections 4
PE sections
PE imports
GetDeviceCaps
SetWindowExtEx
LineTo
SetMapMode
DeleteDC
RestoreDC
MoveToEx
GetStockObject
SaveDC
PlayEnhMetaFile
CloseMetaFile
SetWindowOrgEx
CreateRectRgnIndirect
LPtoDP
CreateDCW
SetViewportOrgEx
DeleteMetaFile
CreateMetaFileW
LoadLibraryW
GlobalFree
GetTickCount
GlobalUnlock
_lclose
GetCurrentProcess
SizeofResource
LockResource
GetFileInformationByHandle
GlobalLock
GetCurrentThread
FindResourceExA
GetTempPathA
GetTempFileNameA
EnumResourceLanguagesA
GetProcAddress
FreeResource
MoveFileA
LoadResource
CreateFileW
GlobalAlloc
VirtualAlloc
SetLastError
MapWindowPoints
SetFocus
GetParent
IntersectRect
EqualRect
OffsetRect
DefWindowProcW
FindWindowW
PostQuitMessage
DefWindowProcA
ShowWindow
SetWindowPos
SetWindowRgn
wvsprintfW
GetSystemMetrics
SetWindowLongW
IsWindow
GetWindowRect
RegisterClassExW
AdjustWindowRectEx
GetWindow
GetDC
GetKeyState
ReleaseDC
BeginPaint
SendMessageW
DestroyWindow
GetWindowLongW
EndPaint
LoadStringW
GetClientRect
SystemParametersInfoW
MessageBoxW
UnionRect
InvalidateRect
CharNextW
LoadImageW
GetClassInfoExW
DestroyAcceleratorTable
ExitWindowsEx
GetDesktopWindow
LoadCursorW
GetFocus
CreateWindowExW
wsprintfW
SetForegroundWindow
SetCursor
CallWindowProcW
IsChild
PtInRect
strtol
_purecall
malloc
_except_handler3
__set_app_type
__p__fmode
realloc
__p__commode
__setusermatherr
wcschr
free
_onexit
wcscmp
_wcsnicmp
__dllonexit
_ftol
wcsstr
_controlfp
memcpy
_adjust_fdiv
_wtoi
CoUninitialize
OleRegGetUserType
CoTaskMemAlloc
WriteClassStm
CoCreateInstance
OleSaveToStream
CoTaskMemRealloc
OleLoadFromStream
OleRegEnumVerbs
CoRevokeClassObject
CoRegisterClassObject
OleRegGetMiscStatus
CreateDataAdviseHolder
CoTaskMemFree
CoInitialize
CreateOleAdviseHolder
Number of PE resources by type
RT_STRING 6
RT_ICON 3
RT_MANIFEST 1
RT_RCDATA 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 7
ENGLISH US 6
ExifTool file metadata
UninitializedDataSize
0

Comments
This installation was built with Inno Setup.

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.6.0.166

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
108032

MIMEType
application/octet-stream

LegalCopyright
Copyright 2013 CoolPDF Software, Inc.

FileVersion
1.6.0.166

TimeStamp
2013:12:21 09:15:08+01:00

FileType
Win32 EXE

PEType
PE32

SubsystemVersion
5.0

FileAccessDate
2014:03:20 00:05:50+01:00

ProductVersion
1.6

FileDescription
Setup PDF Watermark Creator

OSVersion
5.0

FileCreateDate
2014:03:20 00:05:50+01:00

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
CoolPDF Software, Inc.

CodeSize
8704

ProductName
PDF Watermark Creator

ProductVersionNumber
1.6.0.166

EntryPoint
0x2590

ObjectFileType
Executable application

File identification
MD5 10dbbaaceda4dce944ebb9c777f24066
SHA1 6d902b7ac4e4854ae1755c1f21efea4f212ba963
SHA256 d5ec477dc0b39867b39a56b9ca7652c8ea115533583d8b6211c1e4f53537bbb2
ssdeep
3072:vyTDrr+DkiHBMGfz/hzvfje4RvJWM6UVnsAR:Kvyhl/hL7eURWEn

imphash 41126606c893e2b7c9867bd573746ee1
File size 115.0 KB ( 117760 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.1%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe

VirusTotal metadata
First submission 2013-12-21 13:56:59 UTC ( 4 months ago )
Last submission 2014-03-19 23:03:10 UTC ( 1 month ago )
File names file-6377408_exe
c-915ac-1123-1387635601
LicenseKey_Adobe.exe
d5ec477dc0b39867b39a56b9ca7652c8ea115533583d8b6211c1e4f53537bbb2
My_CV_document_________________________.exe
10dbbaaceda4dce944ebb9c777f24066.exe
10DBBAACEDA4DCE944EBB9C777F24066
10dbbaaceda4dce944ebb9c777f24066
My_CV_document_________________________.exe-2013-12-22.04-20-01.txt
licensekey_adobe.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Created processes
Opened mutexes
Runtime DLLs