home

ultra pdf merger.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.ranchsendgift.com and multiple other hosts.
MD5:
d16eb9206b1d537879d5a39a60caf56b

SHA-1:
e25e13a13cef4c428223f8aadfe675cb5601f43f

SHA-256:
b08224c6930c7f4977ff0fb9f3b0597943b4dfc9d694737dfe9b36f5a8f03779

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 11:27:18 AM UTC  (today)

File size:
1 MB (1,081,850 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\ultra pdf merger.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
24576:rasbDexj2uDkrDr7QhKJLhtiMfSCHmAWSHDH27Mx6GLnFRGRX2:ras1uDkfrchKJL3fmijH27oBWw

Entry point:
52, 61, 72, 21, 1A, 07, 00, CF, 90, 73, 00, 00, 0D, 00, 00, 00, 00, 00, 00, 00, 09, DD, 7A, 00, 80, 23, 00, 87, 00, 00, 00, BA, 00, 00, 00, 02, 86, A7, A9, 09, 00, 00, 00, 00, 1D, 33, 03, 00, 01, 00, 00, 00, 43, 4D, 54, 09, 91, 51, 0C, BD, 98, 11, 3D, B9, 09, C1, DE, 04, F0, 78, 10, 75, A8, E9, 9C, 02, 48, E2, B0, 24, 98, 12, 64, 21, 3B, DA, 18, E2, B9, 6E, 8F, 65, A8, F0, DB, B2, FF, 1E, F5, D5, F2, 3F, 14, 56, 8B, D1, 45, 95, F1, 5C, 36, 91, 70, 70, C4, 54, 39, 0A, 06, F1, C0, 30, DB, D5, 67, B4, 56, 35...
 
[+]

Entropy:
7.9993  (probably packed)

The file ultra pdf merger.exe has been seen being distributed by the following 3 URLs.

http://www.ranchsendgift.com/wWgK9iqe7_yQ5hXpD0fcfCorhQoHo0Sd_HTsi qWihqCCXLV3GyELoEvEz8CwQEqvPy9Pu5hg2aSwcufTiYWIN_51kkN3j 7Wnpr8XEFdr_CAZDudiZ2SgT0sWdCRB1ymP_azwCKN0EjVQEE1_e03GpC_0bFUqnAOrpcezN tI14Lz28VKAkv0nNySc oyVNDXEvffZSETgQN7VJR6XlP_LBnhO2g==-GzgAAETdFtstRWyCRfo4Rw9XYbcLmUQgiXS2dSBunMd1Izyv68urpRWYlWXGJ0Zt3biMQhA=

http://site.solutinet.com.br/2014/images/files/.../5e024d79f25ba35bd6b31d551203117c.rar

http://michalisnicolaides.com/.../UltraPDFMerger.rar

Scan ultra pdf merger.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.