burn4free dvd copy.exe

Kaydar LLC

This is the installer for the WebPick InstalleRex download manager, which bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed without consent. The application burn4free dvd copy.exe by Kaydar has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from profficer.org.
Publisher:
Kaydar LLC  (signed and verified)

MD5:
b78cb9d4b8c43cb86f909fb12abd8ee1

SHA-1:
acfba51fb48fd634f9e9f51dd78258f17b4c5595

SHA-256:
8db55b84a7458e79cbe318ac5471f8dcd3417c82e979ff8f7564f56ff0ba67a9

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/24/2024 3:54:51 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.WebPick (M)

Engine version:
16.9.30.0

File size:
1.1 MB (1,114,592 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\burn4free dvd copy.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
2/12/2015 4:14:19 AM

Valid to:
9/24/2015 8:07:10 AM

Subject:
E=kaydarmail@gmail.com, CN=Kaydar LLC, O=Kaydar LLC, L=Dnipropetrovsk, C=UA

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11217A57B813A060AF912C2EFE9F51A75C3B

File PE Metadata
Compilation timestamp:
5/27/2013 3:48:17 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:gNW+A4phv34LhGhh6hBg6Buz525k01jwAp:gNxjv34LI6hBbK25kCb

Entry address:
0xB5269

Entry point:
E8, FE, 13, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, A0, AD, 4F, 00, E8, 11, 19, 00, 00, E8, CB, 15, 00, 00, 0F, B7, F0, 6A, 02, E8, 91, 13, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 40, 03, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...

Entropy:
7.4364

Code size:
745 KB (762,880 bytes)

The file burn4free dvd copy.exe has been seen being distributed by the following URL.

http://profficer.org/hp/?q=ph5VPIwm90WfHwysurhPo7LzR o6e ZVlhokDq4FCti1P1rwi331uOMeB6Fh4H/puzUN4mb6E8AQtTl57AySOarPmPtspFT9qTi3QqB/FUdhGsFCS69WWDYysycAX 5FhyOrgJJRaRu0EjGhEoIjbv53SjLNYYfA3LUYtosiQSsZLuyjfqW6jtNpCa7e5BSrvyBDPKst08F3Jreas8zTL41fG5G2qNu94gBfbfi/abrkId/qGlWuQuc1M9rEqvzkgyCz Musvf6mZSzzSm1b0qR4/3b/lwAsTVT1M32ZJSn4M0qz1eeN5SN 5B9cBLCRG35U4FvH/yFzZdXSCySyWGh4uPfuhox8GHS0s9K1AnrLbKYB8ggYLp/P4mk/Ygf8FJyp7a/xfyNG5ebNmTMSWYdBeCsboqDJU1MVimOKMpCqb6d5/Dt4NqzwQ5AumvHKzrHdl124PW0HaeFt ZI2VJ/LabyTEBoNsfpl 552wcrExjYzhBJlXHrFzpK9uOsVDk4vvu6CiIlCw1YhQRF6YPRL2zgZZpqbpIB/g7DnyIjdcTUo XpiO4E4IG/KhYi1IoQ8ntGgQCI24EWi2oBn/rK4 7wI6ZFS/ZUVonIO2NJH6R1fRJZVf07WyOt/imtbqWzJvLcdC2zwWeMoweS0uKdBheLfG1rYdMEO5rVKhfBORRMWrwPOlhoOjTsag18LMmtNsX3A41304xMEePerzippFTUyOtsCeuHb2Iy79NVQ5k/n/.../r6qWlCkM9fN&external_id=1424093574862681204
