burnaware.exe

Burnaware

The executable burnaware.exe has been detected as malware by 7 anti-virus scanners. While running, it connects to the Internet address burnaware.com on port 80 using the HTTP protocol.
Publisher:
Burnaware

Product:
BurnAware

Version:
6.9.4.0

MD5:
d036667de6377e20bb49c9dfd477e206

SHA-1:
3ac2d7bf7994018211e28ec7665e9c6f023ef23e

SHA-256:
17c030877ec8d5a2a5f913ddc6bb09d7862f1be8969b99e758e354d427eb3b52

Scanner detections:
7 / 68

Status:
Malware

Analysis date:
12/26/2024 12:07:39 AM UTC  (today)

Scan engine
Detection
Engine version

Fortinet FortiGate
W32/Dx.DDH!tr
6/7/2016

Kaspersky
UDS:DangerousObject.Multi.Generic
14.0.0.92

McAfee
Artemis!D036667DE637
5600.6375

NANO AntiVirus
Virus.Win32.Gen.ccmw
0.30.24.3283

Panda Antivirus
Malicious Packer
16.06.07.02

Qihoo 360 Security
Win32/Trojan.Multi.daf
1.0.0.1015

VIPRE Antivirus
Trojan.Win32.Generic
43278

File size:
587.1 KB (601,176 bytes)

Product version:
6.9.4

Copyright:
Copyright © 2014 Burnaware.

Trademarks:
All rights reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\burnaware premium\burnaware.exe

File PE Metadata
Compilation timestamp:
4/10/2014 8:53:48 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:+pKpzRvkYjgaFBYKJMsOwhuqLflGLEqM9nhNwWsNEp16u+I:+pihbXzYKqsO0uef0AR9hjs4sI

Entry address:
0x1000

Entry point:
B8, 74, 06, 59, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 13, 5F, AC, 93, F6, DA, 0E, 49, B8, 88, 70, B9, 7F, 02, E4, D4, EB, 7A, 67, A9, 8C, 63, 33, CF, 10, DD, 78, 91, F2, 18, E5, 27, AB, A3, 28, B1, 0F, 54, 97, 41, 21, 6C, F6, 88, C0, 58, D2, A4, FB, 16, AF, 75, 33, 7C, D2, D6, 60, 76, 27, 27, 94, 9A, 2D, BB, 20, 10, E8, A4, 50, ED, 32, DC, FB, F2, 7F, 93, 61, 8D, AA, 3A, A9, 44, 8F, 1E, 17, 39, 44, D8, 46, 20, 80, 40, 8B...
 
[+]

Entropy:
7.9603

Packer / compiler:
PECompact v2

Code size:
873.5 KB (894,464 bytes)

Autoplay Handler
Display name:
BurnAware


The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to burnaware.com  (208.100.25.83:80)

Remove burnaware.exe - Powered by Reason Core Security