» poweriso6.exe
Overview
Analysis
File Details
Downloads (2549)

poweriso6.exe

PowerISO Setup

Power Software Limited

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from www.capitalmetahead.com and multiple other hosts.

File name:

poweriso6.exe

Publisher:

Power Software Ltd (signed by Power Software Limited)

Product:

PowerISO Setup

Version:

6.6.0.0

MD5:

a0bfc67cb820cbdf4d66c7fb75e32704

SHA-1:

d9a3a96c77e41e313a74bebd0be340f5bc6bf288

SHA-256:

9f11d092223ae5b444cacfb9415a1750c4a8ce1933c2321cd0e7bd1114be86c1

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/23/2024 4:42:56 AM UTC (today)

File size:

3.5 MB (3,717,352 bytes)

Product version:

6.6.0.0

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\poweriso6.exe

Digital Signature

Signed by:

Power Software Limited

Authority:

VeriSign, Inc.

Valid from:

3/26/2014 8:00:00 PM

Valid to:

6/25/2017 7:59:59 PM

Subject:

CN=Power Software Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Power Software Limited, L=Hong Kong, S=Hong Kong, C=HK

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

227EFDF22825BA270530FB09D52B32F8

File PE Metadata

Compilation timestamp:

4/1/2016 11:20:09 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

98304:QyNXgXn9XCHEpcLVF3IhjjoPfEwZg+cdCsS0N:ToAF3IBMsZ

Entry address:

0x326C

Entry point:

81, EC, 84, 01, 00, 00, 53, 55, 56, 57, 33, DB, 68, 01, 80, 00, 00, 89, 5C, 24, 20, C7, 44, 24, 14, 30, 91, 40, 00, 89, 5C, 24, 1C, C6, 44, 24, 18, 20, FF, 15, B4, 70, 40, 00, FF, 15, B0, 70, 40, 00, 66, 3D, 06, 00, 74, 11, 53, E8, 07, 2E, 00, 00, 3B, C3, 74, 07, 68, 00, 0C, 00, 00, FF, D0, BE, 80, 72, 40, 00, 56, E8, 83, 2D, 00, 00, 56, FF, 15, AC, 70, 40, 00, 8D, 74, 06, 01, 38, 1E, 75, EB, 6A, 0D, E8, DB, 2D, 00, 00, 6A, 0B, E8, D4, 2D, 00, 00, A3, 64, 3F, 42, 00, FF, 15, 38, 70, 40, 00, 53, FF, 15, 6C... 
[+]

Entropy:

7.9958

Packer / compiler:

Nullsoft install system v2.x

Code size:

23.5 KB (24,064 bytes)

The file poweriso6.exe has been seen being distributed by the following 50 URLs.

http://www.capitalmetahead.com/V2oD uPpHy2ZdpejS8LFt3uQDr5tHuZKgBieOwZcYZMHcp5MlUT62FtPuLGTMrGNcNsEM6oNc7BSrfs Pq7VUfttdMPgfhNBchBGkrtBFSHFpKTfl6x5JR7c52l1KSnV3z8p8bYzPRaMRmw4ozs785FwSPdC1_LOqzi51g_e1kzRAOSbeZah7gJ06UxwuAYAs3WKaIFC-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.universedlgift.com/UCJ8OkmcthDYf0_pJgDrgOcEZ8aNXvqA9PUwo4GFYcXc0oXvh54eI2Y2RPv69W20I8qjjW9cyY_1tnufpiI1Fe_Vi7WvK13Twp_wEvs7Kiz6wYZeQCdZTuXCM7PF1_bUz1Up5v5Xl385OX9DOSKF3fDybU3TLOX2Sgl1pdBU9SQutPLYfGJ9fVP1G2jvRIrUnKpQQni1-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.universedlgift.com/DzxzjtSJSKoYCUDefi7YuMQPJrTgAadYEUPzWXfckcpj_v361uMAkGepqFlf4DEyMPG5hfA3K_BCz_ydvwm4zlYn6mfS2 Dj9WztToliELeizpQEE RHg5jx8cV4VdwGWBtdUhmCx8CDgHCuE0uUrRQN PHQM3Wi7xOiAnAjMkkqJhneKoc=-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=-e

http://www.universedlgift.com/lVFhedVEU8aQ Sg24jUcaGiPylz6QeWBY_JWs0WX7gxv6K7yAVS65iNTfNUWKb1PYYL8CAdWEHLBCNIWqq0zZa8JTsqDvQ849wWJ0Wfksk9f4pWhqqmxVSbAp01_UFf1K851eugJ_RSGwpfSN51_MsbowLA1TUbvK2Cqdc1VAwrFGvTQ2ec=-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=-e

http://www.cleanstockbinaries.com/9_qAk7OkwwC9XYE3z7baCEG_YXCWb9ycqH7_bz0qxaxkAiHqRuTtykIRrCd5HdfSDQwZ814OpUrNAM5gW1Q9RZL4Cxs9AkuBevdc1oz4lsPLKO4YCC85uFs8mIFF_uYAkhHgjzoRJFNxBzMicajtjlzAeHiZAw==-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.downloadvaultgift.com/jw61 dPk5f61oEfvjelvqR0J0oVsdQW1hKqyO7W6PVzSVzBeL4Pto1FaqEoTwtRAWAed6LGhtQ ixUdhs1MbVjLm0hZweSL8BercDtPhorT9Xw9NlP0JXeui0hXRhXYFeXrDOCTrBVpjud0 6q7ePULbsTAv04qWD50_SDurWbGCYrA0pwViGVMxvU2bUvgy2YoU6cex-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.universedlgift.com/L04Lbn3NS_BtSaKPL76p GUgkLozxPu06Zj3zHayJsjjqSf6rZlUsqJafct5K5nlhPJfw_aYAygP1__rb2ZzYvNn6BwPQQFQHPmc0dLeU9bm2aUKwseD_FNlSS1Q21JrkyXfwaA4BWteOwGEiClveyJna3TgkwrMy76atCYlmCAjyt63h3c=-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=-e

http://www.universedlgift.com/KNZh0GSH7NRe4n8INGZruVvVbzDsiuYDC47M2bOdpx4Lb0fnM1dQOWYlkK 1mOmMOXPNvT399ob8FMYtgmaQVO7viu_GoLiU4PBnVFQ_KofnpZXHl5u4ZArVwuTsS16 9jbIiV9qUrfFYIGu4y5HrKaKTWkcJ4yw_o0Uq0OruWdGV_bjYM0=-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=-e

http://www.conecptpresentvaults.com/yiw8BLqR2ms_4_T58FnGwayWlpf0byhbN85qYlDoJle49cih0jrAilcZmQ941q1ghho5yuIAqDplhKqzj_rUMFrexC80j7CEMv6dfLPXnrAsn9xAka6a2_7785zCb2SSvC 4AJm3jCHHwwPBr71Q X604T8zOUV8ZXgECzxPsy5Jxu4ooApdvNU4hmZly2e9G3kgHwXF-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.quickpackagesigns.com/ElN5iuYZoQZnYFqOEWN43Hg 7DeURia Vlc1ls7kAyXCaEpC NScsKWXaDWjxeyun2UC3tR9ixAe9tP6CcA5LKwEJWIQNLArnrFUKn32WYOL9yRFXQPoY_l68O46zUxdL 2GDg5pY 3x3xnJS qByLmKzpbRDC0pHluwhpEeZhLV4nQGQxBnqPs9CEQ9FTYiXeavGhHq-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.grabapplicationslaboratory.com/aCqxPa6SYbofDA8mza7kCeQBQRWj_W5j8nwSlMVh5CN5YxClU4GsnpM5L1M_32Z7sdt1MnS0uRK8ptbJHgb7Za8vDYV5QfxzotMQ2Z61nxb4XujkqtAqGv2DKwcE5XAwOQPjwQwfaJPd8AoQ0sqddsC1OWNJJiwmgpHQhwGrXV81V3iKArEUbRpoa7Lat70oIGVEYpL9-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.funbodycentral.com/A8fbL5GX506oNwyfG8y_IJ9JaR9kh5IlYTkGCWCmEE7bD3gii4duW5Els5ww5jmrbuy5cncFoCXWslfVF_Yl15QzbYHYAZESFg2T2ck4HLpGd1KhCGrx0x1GYNxPKpF8qevNN5eRPJfqHP9NK3FAt9LOzy4D02J02ZcHhnJVOCFwDqw4Td2m4rd9iohdXE5iRgHdjfIc-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.nowworldtower.com/ks223YLwpRWUvITOVFwuMjD1HIq17NdxhL9vQTPempU_kkTfmZTOttg6JLTBHNSlm6Cj92phfkgmOurNKHyNqG1Hanlpf5sEPMD2 5bnx55aKWUWw4mr0GLEBmWsxiAtU0Sc08EpJBnaf9xhIdCYpjMQsNN_zZ4Jz48DBcRtSb63IfZ 5pI rmCveYBIGlnPQKpE6rcr-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.cleanfunvault.com/NpHbOOjHI_GH4jKOAYglct0pfre6ns9XBeMrmDtWpe1GMHVFxt2vAJ6S5fGiN5yDoxmfc_xtR8Ce0wiRu_NVwdbyi7OPFO _yYgqu2rE_DXAKJKMB4_qclxIYX 5oXEaliI6ap_3t_bltJK0GK7k4c6PPJNn1zI KQzoDvyaTPzMwUSiyyOZr6Z4HgUKeAW4c77sbw6h-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.hearttowersapplication.com/Lj0_IjXA_3IbqsBLkL7iJWqJ63YozAv6Fr2K0b54fUB69c5KZsx9hnuDvfQOZ7JaynKI RdnX_90fCMUpIec pOXMkGCfGfo5 3ItaoclNdvdubbbU7cy8oJSFNwnIy7uFj9fOhYvrX0xyTBYssrrI9DzfKtzftzj7p5W8Uf3SXS_sfABxrn9x0YvUQ6sJjXAJUObMtP-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.universedlgift.com/1 pubYu cl8R8amsStCIbWiKpEYR06z8voHAmL7EELFuB2531jcSwbp8dVCcp3FHVnzdaYDZ1BPig5Jz0Glft0sxJae4Gb V2_bxlH3evbRwH30wplJFs2BTGWwA3Kuvs_l2l6Bt JpZA gLJrobqhLURxdWD5C_4hOu1v2rDbdWrDZott0 9qqmGh1NnmigTA9N7 NM-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.universedlgift.com/8ZC7dh_phXgHrgMBxalLZmkPXKv5kM2AcByOs JS1jSVmpF3oqm96rnOIpFH931BUesi87_R9Fhvc1vSEiaDwX64NdFD_r ZzysHAty60rmR2Wc5FPqJSEvgjp2wNpOVylaOsyhiU6ds0QCXI9_RWEtzh2eX TffQDFtlQXxw3nPpkLRZ5yi5cthRLLIxZV4SvF_c_v-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.presenttowerflash.com/QxqCQ_JeroUOZh2ZYd06S7sYTFdJo0keaX1G31Le0DXYzgv20zqivMsjpCB304UThhOaUctpX2g4Ynn5LsFiRLgpuyZkQgAGWzpxtTyIPsmtsJt5AlP7EUFHyj_00VxPgO21xva8 rgBwT qZxk74gy5XcMW2c6NYNSB_dJcE8X90ny6a2W3M9tn83Ec7227tyohlOtu-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.downloadvaultgift.com/45aiBgKhD2C2L_wqPe8XhMqw4e9H9SWerw7l0tdcGtSDq521hU0Qhx4kQhVHimXFb2aJ_jPL_VVaJrWgz xkidEcfVnjReYX j55hI9rpcOeyeRhV0PLr xEDZIT2IfVJwzBtXgBeHv Jvh70hfkOnjIacJ1WiGRPEeDCuSRWzLfVFWyaVFOdAABVweXoiDS_wqj8SAS-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.universedlgift.com/Lym1z3Q3ewVf0cEluQhT7tXCrwDdjhNkm5xaF7BzyidV6U efMXAxJgqV44C_ 1vhE6jqiB K5icAvV8L7O63Huw1tw17T8AB _RR7qjuCo8YGuNWPs9v_dd618uK8Ft9AsCIs0JrHJc2iml4qx0p1nHHXe22JOvEM4jiMIWHxZ5LsyVZih1HbXTjAwj8WD3hKbgBuN-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.signsnowquick.com/y2lKH8TMGKspoV8MMNIBPKqorT9yiNex6WQ_tpC9nUiz S2RZBdvJKvMJ4DiZTWvJ3s0ZSFBoHZTf659NSxnrVCslq6B8Cn0tI2M0yiZAPAVM Mjm01mCDQghtnklfmZLuBlQK2K2DjB_CBTBiY2uLaN9igJp44xe1GbKbj MNVFE9y75sSQRtpL0bwapqaKm1MjsvO8-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.presentgifttown.com/I7djpf7QeVGoNhwRM0SRWQ72aKyWi7Cbm1Oq1ZiFMzehKjldaA1fUjGKn17ypG7dQ0pDW8E59V5QRqeuBfYG8Wli_Zj63HffisKrPRYeEgQ0kVl 26D7moSmsCjqGF3 Xk73Y7qIpvEVI9QosFZB2RFJ6orzjymQ_FCGJ_OHT4oppOHJifIvpKf60FSPD5n6LoVkkaN4-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.cleanstockbinaries.com/LNvQUNFyeFR39xJLOcBGZB_KlH_stQEt9tge5vQ4pDZUjYH27WA9s3aW2_IuIGVC2xiZUXpPqepGVnjkt6IpHBcuRgIHhW6AntmnbsfeRCBLcdMFRDRv26JCdUhE3TsNR0rLSmTrgbU16_RmWbyPeQGkNJbjldoQ EQETDz1C7 M91D9qHCwv_uHvosGL08NsA61oKUm-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.appbundlesdownloads.com/N22Wxxp82HuFUpDDXsNvvcQFyR6mKPjHWfavxwXBohHG19Bqsg5KSIZhaw60Bwb4N1lZXtf_KpFqtEA7kCkjVAJ1gWOcQVbZYvB0ypFgJowl3qSKyvUMz2EPAlXRO0zLY5Q611p_UIK8ZuIE3OfDPZV HozyyvW3H5xFZ8rdZbbL1BFpusMP2efQKSbLWo7LdSzth8Ve-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.hostapplicationsbundle.com/NaUIwLQC23hZ QKVlTGaQPMBnwfbKMJBQFMtYwIYB8GSqXSi81OjDC9tql8nj24k1ct7h9Tl eNbYJPYGIprl9MANIgf1ubxQOGkifPUYkbwOVDdjQHPLHSaC0PXsSpkUsr9Y2KWh0Yon2aCxaY07 5t5yRSLCRRO8X6kS_1Mvl1 KY8caLR2wLipVATG_fA0inCLJDn-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.downloadsranchguard.com/tHCKjwKReyrZsy84ap45eXJmyAtyE7nsIduNMs64N7nW9sBFuHZT2IbFOU0psx7nUmUiOFIMLJfCq91rbJ5IIEve21ytfsc9cRmRGRW21QLoxlG2fKYnlT2ZPISFrDxwOs7hKdgoFywZHGAEqmXTwpXV5B5U18SPtyyhbdEj3StUHBHj7lFDtmhKgnutIZ3ph5hSNBHg-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.universedlgift.com/h413pytEh2fR5Winm_XTg_n53ZbJyxKf_1Pa_ sq2G6f5WOvhGYvrnUe4w1Uc9wpxck8WtfkmAzUb sAUo6hYzctJpdWRwvnhSV4LSvyDHX8x0Qy_MdHWvO9yDMS_ZtANY2Ta5Fk_T2kOSUjB2EEmYf8SdDAfJBl9lWiYpJGozt4DFq3wA=-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=-e

http://www.universedlgift.com/B6lGcfrzSamVukzUbxEXhwaH8FON_CpJQUzDVfMnn0WGAhYBkDaYdbmAwMcD ALLk7ALHFy82teXBTBtyrtNynhGrvciA8QS2ToZgCsPODJrPOBP84PVGrez 8UShkWtzaiNzUQohXM5wfptHD6Ejfo5XlazGLi0ygKRYtDh21dn2Aal8Mz0UhWq4sgUfdnEPQ0aia0j-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.bundleguardpackage.com/cLzdrufwMtS5eaog9iMPYowgQstW4WlK_j85LxSs6s7dMFGvBgpz7kripFoUeTLNW2RNUSFqLau3Yu_kHmo FMZSGEoxpK5mfgrLNW3W4afJ9xi8mc5wwUqytR4F2pAQ2X2v7xXh90IdBOioFhMfCJHFzBoC03_sSnFZPd6dsABlrRoiseaaiE8IDwTQtqrFDNfbCLQl-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

http://www.presentranchpackage.com/lw1UpGO5BN_rzQmFbcYeawbBIBGHTQqN2mcSeFeaM7RBAb7s3cBta3JJ7RlhYFp5O_TtSN9oaBoN4 olyA_i5KPlnGOGdNYj0MY6kMKfpWyJjrKtd1tnlOTz7LFW_BPMZzbQRG9eOQOe7pJPClTfkIRc9IJU72gslvvtNcCFky_Eu0pCxOU_A5rhYg1FeYRBbNQOMmJh-G0oAAGRsXWvX4IeysG7DBhw4lUlAtuOwMXau4HEXNRYU6s7hF KO241fppgTQiFTQlUCUiK4Qam UmB6c_MFn3OCeT_716E=

Latest 30 of 2,549 download URLs

Scan poweriso6.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.