imagetopdf_softn.exe

Image To PDF

zxt2007.com

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.softonic.com and multiple other hosts.
Publisher:
zxt2007.com

Product:
Image To PDF

Description:
Image To PDF Setup

Version:
1.6.0.0

MD5:
db1616d098ac11a95b49859836a16943

SHA-1:
c2c553996936bb114fda3f79d18f69d703f135f4

SHA-256:
8f12fa154efed9c4a9cf158d6f7b3edf2058cc800fd7692a3a52f84435814fee

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/27/2024 2:17:30 AM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
PUA.Win32.BundleLoader
4.0.3.15410

ESET NOD32
Win32/BundleLoader.B potentially unwanted
9.11432

McAfee
Artemis!DB1616D098AC
5600.6799

File size:
1.4 MB (1,436,638 bytes)

Product version:
1.6.0.0

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\imagetopdf_softn.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:RGgAZR0RWxUunjQe7CdzYnIqIIKwWEm1JpF8Y48NFTudw98DU5:RLGUujQe7CF9qfFA8Y8y+C

Entry address:
0x9B34

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 66, 95, FF, FF, E8, 6D, A7, FF, FF, E8, 98, C9, FF, FF, E8, DF, C9, FF, FF, E8, 0E, F3, FF, FF, E8, 75, F4, FF, FF, 33, C0, 55, 68, EB, A1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, B4, A1, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 02, FA, FF, FF, 8D, 55, F0, 33, C0, E8, C8, CF, FF, FF, 8B, 55, F0, B8, F4, CD, 40, 00, E8, 17, 96, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, F4, CD, 40, 00, B2, 01, B8...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file imagetopdf_softn.exe has been seen being distributed by the following 9 URLs.

http://www.softonic.com/sads/tracker.php?ev=c&co=ES&sid=dc7be0942088d1dd39c50c42c2d743eb&upv=2d54db80ca51fd2e0eb63648cbefaa3d&z=results&sk=0&abt=&eid=&params=F24F8F4D368AFA5D32C8A90D9EFD1CBAE1A16743FECF3EECEB4DC3D7B3E7AEFB20B8E75C707189B3C90BC0C5AF3A9F9808338FF1A246B3266D82FFA54C24AD59599DEFE94C9FC03B648D57627ACA5203CC16D16FAB1CB12432E49D9796392424BBD198B370FC33515DFFAEEC9B07C08686F045E97D58F09A5272D09781D81FAA5656DED8760A23F5020BF2FD91A515389340FB97CEF95C83B5290E3B2C48FDC502DF1119D791D70C0BCBC8C08EC43F55&h=34B16E5BD19196C1D5B2DB41883FA311BCCE4F5A75059E2E80895582E6258DC1&directdownload=1&f=3346679&d=http://en.zxt2007.com/download/.../imagetopdf_softn.exe

http://en.softonic.com/sads/tracker.php?ev=c&co=MY&sid=49566ebb32ce39fab0c879d834b5b991&upv=50ae9f429cd922109db21be524055f90&z=results&sk=0&abp=0&abt=&eid=&params=F39B2A32BFC101987B1458170C278E03C04C00EB1B518730AEF2A76D81F9E0168AFC49C77793B1F747BFACE5BF4AA8A73D6E525C92BA3EC07A9060CE3366A0B05EED67F8D4A683DE7F6C1CE0245779E3E7F07504A036AF884BDBF70BDACFF4A2E714375A18CC6872F7C3C9C197B0AE6AF008DA60C9745BDD4A51789D71A5DC1C5D1804A1E3328CBCC0A0D047E22037F312978CCCDDBA2EDDE1F5452AF8DB0952&h=EAF7CF8155ED75E7DC7E64DE75529BF0D37E51280AC516E93F47BE7A42E25FA4&directdownload=1&f=3346679&d=http://en.zxt2007.com/download/.../imagetopdf_softn.exe

http://www.softonic.com/sads/tracker.php?ev=c&co=MX&sid=583e1deb4e22532be755f01e4b44fd3f&upv=bcddd4d72ebec76d11669ab7ec311d5d&z=results&sk=0&abt=&eid=&params=F24F8F4D368AFA5D32C8A90D9EFD1CBAE1A16743FECF3EECEB4DC3D7B3E7AEFB20B8E75C707189B3C90BC0C5AF3A9F9813E75AEBCF02E059748679D615F166CD65C0671213BCDC3C72C18A15FFC4E6C6EEFF81F3C31AD04522C868CE7FA0C99CB0DC9B31F481393EE26875AED51BACDEFC3CC8E2221C45EC29C6564D38CFCD3CE0514401C278C5D82DCCA9C31662EB7807C71F449757E6A867426DABF8661FCC&h=15C9E5B331A5DEC5F21409470B910AFE7F1161A08580FBC95D81CC1279E91A51&directdownload=1&f=3346679&d=http://en.zxt2007.com/download/.../imagetopdf_softn.exe

Scan imagetopdf_softn.exe - Powered by Reason Core Security