foxitreader606.0722_enu_setup.exe

Foxit Reader Setup

Foxit Corporation

This is a setup and installation application. This file is installed with the program Foxit Reader. The file has been seen being downloaded from c236.y8top.net and multiple other hosts.
Publisher:
Foxit Corporation   (signed by Foxit Corporation)

Product:
Foxit Reader Setup

Version:
6.0.6.722

MD5:
4f37739efd16ad73db4235efb6a5e64a

SHA-1:
17ae3fdcb4da3afc547fccf1d7bad9a399349d46

SHA-256:
ad1e0bab388ebf363aa554420d1c7623e06371cbbc8049cc1f8f2bae1a9ae7a4

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/23/2024 8:06:49 AM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Trojan.Generic.3842741
8.13.12.21.01

ESET NOD32
Win32/Bundled.Toolbar.Google
7.9190

File size:
28.6 MB (29,966,088 bytes)

Product version:
6.0.6.722

Copyright:
Copyright © 2005-2013 Foxit Corporation

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\foxitreader606.0722_enu_setup.exe

Digital Signature
Authority:
Starfield Technologies, Inc.

Valid from:
5/3/2013 9:56:10 AM

Valid to:
5/3/2016 10:33:52 PM

Subject:
CN=Foxit Corporation, O=Foxit Corporation, L=Fremont, S=CA, C=US

Issuer:
SERIALNUMBER=10688435, CN=Starfield Secure Certification Authority, OU=http://certificates.starfieldtech.com/repository, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
04430E53296BF1

File PE Metadata
Compilation timestamp:
4/10/2010 6:57:59 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
786432:4GyiX9d3oxewSzOXIu27Iz4uuK1rx7Rh/yuvXpHXBKTDAbG/:4xiX9dwSzOXIuLceV//FXFRKTUbG/

Entry address:
0x163C4

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 54, 55, 41, 00, E8, 70, 04, FF, FF, 33, C0, 55, 68, 91, 6A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 4D, 6A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, A6, EF, FF, FF, E8, B1, EA, FF, FF, 8D, 55, EC, 33, C0, E8, FB, 87, FF, FF, 8B, 55, EC, B8, B0, D6, 41, 00, E8, A6, EA, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, B0, D6, 41, 00, B2, 01...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
85 KB (87,040 bytes)

The file foxitreader606.0722_enu_setup.exe has been discovered within the following program.

Foxit Reader  by Foxit Software Inc.
www.foxitsoftware.com
About 9% of users remove it
 
Powered by Should I Remove It?

The file foxitreader606.0722_enu_setup.exe has been seen being distributed by the following 50 URLs.

http://c236.y8top.net/2107tmp/cf/soft/2013/9/ba/.../foxit-reader_6060722.exe

http://downloads.zoznam.sk/.../foxit-pdf-reader-65?did=12327

http://www.filehippo.com/download/file/.../

http://f51.y8top.net/2107tmp/cf/soft/2013/9/ba/.../foxit-reader_6060722.exe

http://taimienphi.vn/.../get.ashx?sid=9616423D03637390CDCE0950EE03E1D7&type=100&t=12449E678FAA7D21D84E60456C617E98

http://www.filehippo.com/download/file/.../

https://downloader.disk.yandex.ru/disk/c3b8e2be4086e69538082b8f84d89d3480ced265787fcbf6c208bebab3371aa2/5639db1f/G0yV5JpoxYa_UUwmybN20u2RhJVh_ei5s1gbL92iO6mtTKz_5hfsE-WNjqdGG1luNZ0qpXbojMocFLQmHrwI8A==?uid=0&filename=FoxitReader.exe&disposition=attachment&hash=pdInpnMYaZOjFjal7MAuL7ai9SXXS/QjHcEmcc440KE=:/.../x-msdownload&fsize=29966088&hid=234a4fcaf8241b082f5f6f314d5bf022&media_type=executable&tknv=v2

http://foxit-reader.th.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-enKKJoZyjmpQ=

http://85.25.41.237/.../FoxitReader606.0722_enu_Setup.exe

http://62.75.167.207/.../FoxitReader606.0722_enu_Setup.exe

Latest 30 of 63 download URLs

Scan foxitreader606.0722_enu_setup.exe - Powered by Reason Core Security