home

pdf-converter.exe

The program is a setup application that uses the WinZip SFX installer. The file has been seen being downloaded from cvv.altavoz.net.
MD5:
53d176aa96a3d9f13a9885a602e4df28

SHA-1:
e0e9d6b31c2234979d351db65a7210f2bc3eba62

SHA-256:
e8e4132de658dcf8d6f0be0250e920f5e337da8c07716a1a4aa10789007bb931

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 3:29:06 AM UTC  (today)

File size:
3.1 MB (3,240,960 bytes)

File type:
Executable application (Win32 EXE)

Installer:
WinZip SFX

Common path:
C:\users\{user}\downloads\pdf-converter.exe

File PE Metadata
Compilation timestamp:
1/9/2001 9:09:05 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.10

CTPH (ssdeep):
49152:WLTpjlEWhurcj4z6hNnq4/vJ0kbDpnNCrAmB/IPHVdHNeM4aUaAcQq0B3J0wZQMH:WXpxEGNzD/bNnNCVBwPLc+dzE50Rmv

Entry address:
0x3F8F

Entry point:
53, FF, 15, 4C, 70, 40, 00, B3, 22, 38, 18, 74, 03, 80, C3, FE, 8A, 48, 01, 40, 33, D2, 3A, CA, 74, 0A, 3A, CB, 74, 06, 8A, 48, 01, 40, EB, F2, 38, 10, 74, 01, 40, 52, 50, 52, 52, FF, 15, 50, 70, 40, 00, 50, E8, 9E, F3, FF, FF, 50, FF, 15, 54, 70, 40, 00, 5B, C3, 8B, 44, 24, 04, 8B, 40, 3C, 05, F8, 00, 00, 00, C3, 55, 8B, EC, 51, A1, 88, 94, 40, 00, 83, 0D, 00, 93, 40, 00, FF, 56, 33, F6, 39, 35, 40, 8E, 40, 00, 89, 35, 34, 94, 40, 00, 89, 35, 84, 94, 40, 00, A3, 24, 97, 40, 00, 75, 05, E8, 9D, D2, FF, FF...
 
[+]

Entropy:
7.9983

Packer / compiler:
WinZip, 0x32-bit SFX v8.x module

Code size:
21.5 KB (22,016 bytes)

The file pdf-converter.exe has been discovered within the following program.

CutePDF Writer 2.8  by GlobalSCAPE
Publisher's description - “Portable Document Format (PDF) is the de facto standard for the secure and reliable distribution and exchange of electronic documents and forms around the world. CutePDF Writer is the free version of commercial PDF converter software.”
www.cutepdf.com/products/cutepdf/writer.asp
11% remove it
 
Powered by Should I Remove It?

The file pdf-converter.exe has been seen being distributed by the following URL.

http://cvv.altavoz.net/prontus_cvv/site/artic/20090622/asocfile/.../converter.exe

Scan pdf-converter.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.