home

pdfsam_basic_installer.exe

PDFsam Basic Installer

ANDREA VACONDIO

Publisher:
PDFsam  (signed by ANDREA VACONDIO)

Product:
PDFsam Basic Installer

Version:
3.0.31.29080

MD5:
9233ceaccc65c06376f2caf0e4b1ee3b

SHA-1:
4542dbcdec5af35edd69f9b84a238c6fa50e6123

SHA-256:
91b2341ddcb2b366376232291bde4afe474467fea15a67bd1b7d9a3f5e0f6126

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 2:38:31 PM UTC  (today)

File size:
9.1 MB (9,579,896 bytes)

Product version:
3.0.31.29080

Copyright:
ANDREA VACONDIO

Original file name:
PDF Installer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\pdfsam_basic_installer.exe

Digital Signature
Signed by:
ANDREA VACONDIO

Authority:
GoDaddy.com, Inc.

Valid from:
10/13/2015 8:50:38 PM

Valid to:
10/13/2016 8:50:38 PM

Subject:
CN=ANDREA VACONDIO, O=ANDREA VACONDIO, L=Bibbiano, S=Reggio Emilia, C=IT

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
76EB5706FDB03A84

File PE Metadata
Compilation timestamp:
8/3/2016 2:59:11 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
196608:ERm+GKJGkZVAlPuD3+0Nb3Q3p47rqNq4/aaOkRhQ6cBoMIB+bHJe/wdt:WmdMZVCWvb3YW7rqNCkjcBoMIB+7JAw7

Entry address:
0x3D75DC

Entry point:
E8, 76, 3A, 01, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 55, 0C, 56, 8B, 75, 08, 57, 0F, B6, 06, 8D, 48, BF, 46, 83, F9, 19, 77, 03, 83, C0, 20, 0F, B6, 0A, 8D, 79, BF, 42, 83, FF, 19, 77, 03, 83, C1, 20, 85, C0, 74, 04, 3B, C1, 74, DA, 5F, 2B, C1, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 83, EC, 10, 53, FF, 75, 10, 8D, 4D, F0, E8, 52, 8A, FF, FF, 8B, 5D, 08, 85, DB, 75, 23, E8, 8E, 9C, FF, FF, C7, 00, 16, 00, 00, 00, E8, FB, C8, FF, FF, 38, 5D, FC, 74, 07, 8B, 45, F8, 83, 60, 70, FD, B8, FF, FF, FF, 7F, EB...
 
[+]

Entropy:
6.9251

Code size:
4.6 MB (4,794,880 bytes)

The file pdfsam_basic_installer.exe has been seen being distributed by the following URL.

http://download.pdfsam.org/download.ashx?productcode=pdfsam$params=partner=pdfsam&uid=1007261&crid=7215&wid=4484&googleID=default&cmp=PDFsam&key1=default&key2=default&mkey1=IanAff_PDFsam&ref=pdfsam.org$thx=http://paygw.sodapdf.com/redirect/install/soda-pdf-6/?partner=pdfsam$custlog=http://selfserve.upclick.com/index.aspx$support=http://paygw.sodapdf.com/redirect/support/soda-pdf-6/?partner=pdfsam$dwld=http://download.pdfsam.org/.../

Scan pdfsam_basic_installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.