dtlite4413-0173.exe

DAEMON Tools Lite

DT Soft Ltd

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from software.oldversion.com and multiple other hosts.
Publisher:
DT Soft Ltd.  (signed by DT Soft Ltd)

Product:
DAEMON Tools Lite

Description:
DAEMON Tools Lite Setup

Version:
4.41.3.0173.0

MD5:
e808a6b7751f6f980f97008d1aeb8036

SHA-1:
b001f7d0f1f9a7e61c5499e5c8350f497b5a3e18

SHA-256:
c5e6ccf97eef71e835ac37e7cf65e130e479d65cde4a251cc57d7775c1410057

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/23/2024 1:30:43 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
8.9276

Malwarebytes
PUP.Optional.OpenCandy
v2014.01.11.02

File size:
11 MB (11,527,296 bytes)

Product version:
4.41.3.0173.0

Copyright:
Copyright (C) 2004-2009

Original file name:
DAEMONSetup4.41.3.0173.exe

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\appdata\local\temp\dtlite4413-0173.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
11/3/2009 9:00:00 PM

Valid to:
11/3/2012 8:59:59 PM

Subject:
CN=DT Soft Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=DT Soft Ltd, L=Belize City, S=Belize, C=BZ

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
109F1DAAAFB83315A6B64A6EED82D816

File PE Metadata
Compilation timestamp:
4/10/2010 9:19:31 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:xAJPBDrXFR208lZna0MQXdX9+lkPlKs/nbJFU3ZMOSw4Sv0680O+Uj80OV4SjxaM:xAJRX/K/D/NXIkPlKsFFUJUjR680OD8Z

Entry address:
0x354B

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 84, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, B0, 82, 40, 00, 6A, 08, A3, 98, 06, 47, 00, E8, 67, 27, 00, 00, 55, 68, B4, 02, 00, 00, A3, B0, 05, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 86, 40, 00, FF, 15, 80, 81, 40, 00, 68, 04, 86, 40, 00, 68, A0, 85, 46, 00, E8, 35, 26, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 10, 4C, 00, 57, E8, 23, 26, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
25 KB (25,600 bytes)

The file dtlite4413-0173.exe has been discovered within the following programs.

Abaqus FLEXnet License Server  by Dassault Systemes
Publisher's description - “To obtain a license to run Abaqus Version 6.2-7 and later, you must provide the host (computer) ID information for the computer that will be used for the network license server. On Windows platforms, a network card is required to provide the unique host ID.”
www.simulia.com
About 1% of users remove it
DAEMON Tools Lite  by Disc Soft Ltd
Publisher's description - “Most popular product that offers easy tools for making simple disc image files and emulating virtual CD/DVD drives. Mount *.mdx, *.mds/*.mdf, *.iso, *.b5t, *.b6t, *.bwt, *.ccd, *.cdi, *.bin/*.cue, *.ape/*.cue, *.flac/*.cue, *.nrg, *.isz disc images to a virtual drive.”
www.daemon-tools.cc/products/dtLite
8% remove it
 
Powered by Should I Remove It?

The file dtlite4413-0173.exe has been seen being distributed by the following 50 URLs.

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ3NDM0NzU4MDtzOjI6ImlkIjtpOjU5NTU7czo0OiJmaWxlIjtzOjMxOiJMaXRlIDQuNDEuM19EVExpdGU0NDEzLTAxNzMuZXhlIjtzOjM6InVybCI7czo1ODoiaHR0cDovL3d3dy5vbGR2ZXJzaW9uLmNvbS93aW5kb3dzL2RhZW1vbi10b29scy1saXRlLTQtNDEtMyI7czo0OiJwYXNzIjtzOjMyOiI1ODJkMGVjYjVmY2NiOTE4ZDY5MDBjNzJkNzQwNzg1ZCI7fQ==

https://dl-web.dropbox.com/get/.../DTLite4413-0173.exe

https://onedrive.live.com/download.aspx?cid=E3A32ED185C98510&resid=E3A32ED185C98510!148&ithint=.exe

http://i.download.idg.pl/fannef/88055e7ae314b57bf9e57b28d3ab117d/56f96948//zx/vol2/w95/utils/daemontools/.../DTLite4413-0173.exe

http://mirror17.soft24.com/getfile.php?p=http://eu-uk1.disc-tools.com/.../DTLite4413-0173.exe

http://filehippo.com/es/download/file/.../

http://windows.indir.com/kaydet.php?x=T0ROQVFFQWhJU0V1UVhOdUt6Um1KVzAxVFE9PXx8fGFlYzhmYWM4ZWM1YjZiNGU4Y2JjNzQ3Y2I1ZDdkNzRk&m=1

http://dl1.filehippo.com/.../DTLite4413-0173.exe

http://i.download.idg.pl/fannef/224909538870a9fa13c8e6b2769912a2/57606616//zx/vol2/w95/utils/daemontools/.../DTLite4413-0173.exe

http://downloads.zamunda.eu/static/files/.../DTLite4413-0173.exe

http://freakshare.com/files/.../DTLite4413-0173.exe.html

http://i.download.idg.pl/fannef/b9417e85774014aac5470ac2fd54470b/58120df7//zx/vol2/w95/utils/daemontools/.../DTLite4413-0173.exe

http://i.download.idg.pl/fannef/4f098512c6045a1ed62acc8143e41d86/5634a5f5//zx/vol2/w95/utils/daemontools/.../DTLite4413-0173.exe

http://i.download.idg.pl/fannef/1f05a1389afd72e59a920327b3138700/58204977//zx/vol2/w95/utils/daemontools/.../DTLite4413-0173.exe

http://download.nf.pl/Download/4215/DAEMON-Tools-Lite-4-41-3-0173/tworzenie-obrazow-iso-emulacja-emulator/Pobierz/.../

http://i.download.idg.pl/fannef/18abe4aa62dc74513d89aceeb9ed4a54/5817f4d3//zx/vol2/w95/utils/daemontools/.../DTLite4413-0173.exe

http://i.download.idg.pl/fannef/68058213a23a3acaa680839b4433d986/57b61521//zx/vol2/w95/utils/daemontools/.../DTLite4413-0173.exe

http://i.download.idg.pl/fannef/297aeed455cc60b85beddbaaf6a9ce9a/57b9a470//zx/vol2/w95/utils/daemontools/.../DTLite4413-0173.exe

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ3NDE1NzYwNjtzOjI6ImlkIjtpOjU5Mzg7czo0OiJmaWxlIjtzOjI5OiI0NDEzLTAxNzNfRFRMaXRlNDQxMy0wMTczLmV4ZSI7czozOiJ1cmwiO3M6NTI6Imh0dHA6Ly93d3cub2xkdmVyc2lvbi5mci93aW5kb3dzL2RhZW1vbi10b29scy00LTQxLTMiO3M6NDoicGFzcyI7czozMjoiMTEyNzU1Zjg4MjhmOWUwZGJlYTM2NjEyOGEwMTM3NzUiO30=

http://i.download.idg.pl/fannef/8fe4d4718509fec48cbe5342032db6a5/581794cd//zx/vol2/w95/utils/daemontools/.../DTLite4413-0173.exe

http://i.download.idg.pl/fannef/8de7aa1ecb12ee5cf42cc44f7fafc19d/55dc51d6//zx/vol2/w95/utils/daemontools/.../DTLite4413-0173.exe

http://i.download.idg.pl/fannef/29217a49c56217ffe19f8e4205a00d1a/56560863//zx/vol2/w95/utils/daemontools/.../DTLite4413-0173.exe

http://i.download.idg.pl/fannef/64ac7460ca3fdd16c511223e7ca6af7c/57b320ba//zx/vol2/w95/utils/daemontools/.../DTLite4413-0173.exe

http://www.slo.ru/download/.../DTLite4413-0173.exe

ftp://cb7d88372e8c1821ead8160c315a00a9:1323280414@ftpclubicb9b.clubic.com/.../daemon-tools_daemon_tools_lite_4.41.3_francais_10729.exe

http://i.download.idg.pl/fannef/a9dc8b60da921ceba8b22f1488666b08/57275ce3//zx/vol2/w95/utils/daemontools/.../DTLite4413-0173.exe

http://i.download.idg.pl/fannef/f70d1ea2e22af7ec094a1747e5e3d617/5644571d//zx/vol2/w95/utils/daemontools/.../DTLite4413-0173.exe

http://i.download.idg.pl/fannef/d5057749c8e0edcb8e12d8e171851d9a/57c02c49//zx/vol2/w95/utils/daemontools/.../DTLite4413-0173.exe

http://i.download.idg.pl/fannef/e726b1e7feb16ec7e1209928eaec8d23/5674640a//zx/vol2/w95/utils/daemontools/.../DTLite4413-0173.exe

https://files.cloud.naver.com/.../DTLite4413-0173(?? ????).exe

Latest 30 of 200 download URLs

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to cix030.tsimtung.com  (202.181.196.30:80)

TCP (HTTP SSL):
Connects to disc-soft.com  (217.147.90.28:443)

TCP (HTTP):
Connects to mail.duplexsecure.com  (212.117.175.144:80)

TCP (HTTP):
Connects to mail.foxportal.com  (212.117.184.50:80)

TCP (HTTP):
Connects to mail.disc-soft.com  (217.147.90.178:80)

TCP (HTTP):
Connects to ip-static-94-242-254-9.server.lu  (94.242.254.9:80)

TCP (HTTP):
Connects to 68-233-238-141.static.hvvc.us  (68.233.238.141:80)

TCP (HTTP):
Connects to 178-164-7.246.3p.ntebredband.no  (178.164.7.246:80)

Scan dtlite4413-0173.exe - Powered by Reason Core Security