foxit pdf reader.exe

Apps-manager

FIRSERIA, S.L.

The setup program uses the Firseria/Solimba AppInstaller (DownloadMR) which is a monetization download manager that bundles additional adware offers, typically by wrapping legitimate applications. The application foxit pdf reader.exe by FIRSERIA, S.L has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Solimba DownloadMR installer. The installer uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars.
Publisher:
Firseria.-.Installer · sl  (signed by FIRSERIA, S.L.)

Product:
Apps-manager

Description:
Installer

Version:
3.1.22.4

MD5:
3f1de62f14c1c7067385aa48c5516e42

SHA-1:
9f93b7833904d1215f1248d4c75d530223b31fde

SHA-256:
692e58c15a5e19c2032b2b9af7e8857fffd04f36a3fb4cba047c605886b6ed45

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Uses the Solimba installer to bundle adware offers.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
12/25/2024 12:39:55 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Solimba (M)
17.3.15.11

File size:
572.2 KB (585,920 bytes)

Product version:
3.1.21

Copyright:
copyright © 2014

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Solimba DownloadMR

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\foxit pdf reader.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
7/24/2014 9:00:00 PM

Valid to:
7/23/2016 8:59:59 PM

Subject:
CN="FIRSERIA, S.L.", O="FIRSERIA, S.L.", L=Badalona, S=Barcelona, C=ES

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
7658ACC15B33D93ABD5A967181DEF901

File PE Metadata
Compilation timestamp:
8/1/2014 12:25:37 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0xDFDC

Entry point:
E8, AC, 6C, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 48, 6E, 42, 00, E8, FE, 15, 00, 00, E8, 7D, 6E, 00, 00, 0F, B7, F0, 6A, 02, E8, 3F, 6C, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 08, 65, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Code size:
114 KB (116,736 bytes)

Remove foxit pdf reader.exe - Powered by Reason Core Security