PSPad.EXE

PSPad

Jan Fiala

The executable PSPad.EXE has been detected as malware by 3 anti-virus scanners.
Publisher:
Jan Fiala  (signed and verified)

Product:
PSPad

Description:
PSPad editor

Version:
4.6.0.2700

MD5:
e7fc4fbc0c156f2dfb87bd4dc8b3aee1

SHA-1:
4b919b03eea24ff20ee90706dcb3fb6358a28ccd

SHA-256:
733ae33816958b0f0518ff7688d8cc99d4ac3b6ff3d14da4bb099bf5c3126a0e

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
12/25/2024 4:49:32 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Floxif.H virus
6.3.12010.0

F-Prot
W32/Floxif.B
4.6.5.141

F-Secure
Win32.Floxif.A
5.15.154

File size:
5.2 MB (5,419,191 bytes)

Product version:
4.5.7

Copyright:
Jan Fiala 2001

Original file name:
PSPad.EXE

File type:
Executable application (Win32 EXE)

Language:
Czech (Czech Republic)

Common path:
C:\Program Files\pspad editor\pspad.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
1/26/2015 8:00:00 AM

Valid to:
1/27/2016 7:59:59 AM

Subject:
CN=Jan Fiala, O=Jan Fiala, STREET=Slovakova 1270, L=Slavkov u Brna, S=Morava, PostalCode=68401, C=CZ

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00A69EB2B8CBB6453D95929407BEA15683

File PE Metadata
Compilation timestamp:
10/3/2015 1:19:48 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x31AAB0

Entry point:
E9, 0A, 7C, DC, FF, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, 56, 57, B8, 08, A0, 71, 00, E8, 8C, CB, CE, FF, 33, C0, 55, 68, 92, AE, 71, 00, 64, FF, 30, 64, 89, 20, A1, DC, B3, 74, 00, 8D, 78, 0B, BE, A4, AE, 71, 00, A5, 66, A5, A4, C6, 05, 50, 11, 75, 00, 01, C6, 05, 51, 11, 75, 00, 00, 8D, 55, E8, 33, C0, E8, 01, 82, CE, FF, 8B, 45, E8, 8D, 55, EC, E8, F6, 18, CF, FF, 8D, 45, EC, BA, B4, AE, 71, 00, E8, 51, A5, CE, FF, 8B, 45, EC, E8, D9, 14, CF, FF, 84, C0, 0F, 84, 8B, 00, 00, 00, B2, 01, A1, E0, E8...
 
[+]

Entropy:
6.2300

Packer / compiler:
Xtreme-Protector v1.05

Code size:
3.1 MB (3,252,224 bytes)

Shell Open Command
Open type:
txtfile

Command:
"C:\Program Files\pspad editor\pspad.exe" "%1"


Remove PSPad.EXE - Powered by Reason Core Security