Thirtyseven4 EDR Security: Fake PDF Conversion Tool

Thirtyseven4 EDR Security is dedicated to serving customers with a full palette of EDR security solutions including: User Behavior Analysis, Threat Prevention Intelligence (AI) Technology and Immediate Threat Response. Thirtyseven4 is grateful to be serving over 2,400 schools, libraries and non-profits across the Nation.

In the New Year, the Thirtyseven4 EDR Security team has discovered a new Potentially Unwanted Application (PUA) disguised as a PDF conversion tool, “PDFSkills”. Reports of the fake PDF conversion tool seem to indicate that the file is targeting K-12 school business offices via harvested email addresses.

Analysis:
File name: PDFSkills.exe
MD5: 3fed63ba4527b108772f0b932d48a875

Upon installing this application, it drops its component/configuration files at the following location:
C:\Users\admin\AppData\Local\PDFSkills


Created files include:

Uninstall.exe [MD5: 810259C5C89AB2652B4FEEDA974FBBDA]: Despite its name, the file does not uninstall/remove the application upon execution.

Update.exe [MD5: 6D317A2906DADCD3BA36FA7F2B8D1ED2]: Despite its name, the file does not perform any updates or activities. It terminates instantly after execution.

The actual application pretends to be a .PDF to .DOCX file converter, but in reality it does not perform any conversion.

Conclusion:
The application is poorly designed, incomplete, or non-functional. As noted, Uninstall.exe does not uninstall or remove the application from the system, leaving residual files and registry entries in place. Upon execution, the application created an unconventional installation directory, i.e., C:\Users\admin\AppData\Local\PDFSkills.

The PDFSkills application and its component files are PUA.
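
A sweep for the indicators listed in the analysis above, added here as an example and not Thirtyseven4's own tooling. It goes beyond the single `admin` profile shown by assuming the same per-user path under every profile in C:\Users; `scan_profiles` and `md5_of` are names introduced for this example.

```python
import hashlib
from pathlib import Path

# MD5 values copied from the analysis above, lower-cased for comparison.
KNOWN_MD5 = {
    "3fed63ba4527b108772f0b932d48a875": "PDFSkills.exe",
    "810259c5c89ab2652b4feeda974fbbda": "Uninstall.exe",
    "6d317a2906dadcd3ba36fa7f2b8d1ed2": "Update.exe",
}
# Assumption: the path seen under the "admin" profile applies to any user.
INSTALL_SUBDIR = Path("AppData") / "Local" / "PDFSkills"


def md5_of(path, chunk=1 << 20):
    """Hash a file in chunks so large binaries are not read into memory."""
    h = hashlib.md5()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def scan_profiles(users_root, known=KNOWN_MD5):
    """Return one finding per profile that contains the PDFSkills directory."""
    findings = []
    for profile in sorted(Path(users_root).iterdir()):
        target = profile / INSTALL_SUBDIR
        if not target.is_dir():
            continue
        files = []
        for f in sorted(p for p in target.rglob("*") if p.is_file()):
            try:
                digest = md5_of(f)
            except OSError:
                digest = None  # locked or unreadable; still report the file
            files.append({"path": str(f), "md5": digest,
                          "matches": known.get(digest)})
        findings.append({"profile": profile.name, "dir": str(target),
                         "files": files})
    return findings


if __name__ == "__main__":
    import sys
    root = sys.argv[1] if len(sys.argv) > 1 else r"C:\Users"
    for hit in scan_profiles(root):
        print(f"[!] {hit['dir']}")
        for f in hit["files"]:
            print(f"    {f['path']}  md5={f['md5']}  known={f['matches'] or '-'}")
```

The directory alone is reported even when no hash matches, since a repackaged build would change the MD5 values but not necessarily the install path.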


Trust us to protect you.


About Thirtyseven4 EDR Security:

Thirtyseven4 EDR Security exceeds cyber security insurance requirements and includes:

• Advanced EDR Capabilities
• A.I. based Ransomware Protection
• Next-Generation Malware Engine
• Automated Curative Response
• Advanced Next-Generation Anti-virus protection
• Automated/Monitored/Dynamic Endpoint Detection & Response (EDR) functionality
• Removal of Current Antivirus Product
• Integrated Patch Management
• Anti-Keylogger modules
• Asset Management
• Firewall
• PC-Tuning
• Content Filtering
• Malware Detection & Removal
• Vulnerability Scanning
• Email Security
• Advanced Device Control

If you’re interested in receiving a no-obligation quote for Thirtyseven4 EDR Security, please complete the form located at:
https://www.thirtyseven4.com/get-a-quote/

We are grateful to be serving over 2,400 schools, businesses and non-profits across the Nation and Thirtyseven4 EDR Security cares for our customers! We want the higher level of Security and Service for you and Thirtyseven4 EDR Security is it.


Thirtyseven4, LLC is dedicated to serving customers with a full palette of security solutions including AntiVirus, AntiMalware, Anti-Ransomware and Zero-Day Threat Protection.