» poweriso6.exe
Overview
Analysis
File Details
Downloads (126)

poweriso6.exe

PowerISO Setup

Power Software Limited

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from www.besttourfactory.com and multiple other hosts.

File name:

poweriso6.exe

Publisher:

Power Software Ltd (signed by Power Software Limited)

Product:

PowerISO Setup

Version:

6.4.0.0

MD5:

50bc7ca218da4ed2428f9d5cc1b77775

SHA-1:

fe43a4df251739ca091fb3c4ddfcd2746d89246f

SHA-256:

11363a88b8a348c4887f23438071f7e1757293602d2f78e965735f8ed5b0a306

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

False Positives:

A number of engines detected this file but were erroneous detections (false positives).

Analysis date:

11/23/2024 7:58:30 AM UTC (today)

File size:

3.3 MB (3,452,184 bytes)

Product version:

6.4.0.0

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\roaming\poweriso\upgrade\poweriso6.exe

Digital Signature

Signed by:

Power Software Limited

Authority:

VeriSign, Inc.

Valid from:

3/27/2014 5:00:00 AM

Valid to:

6/26/2017 4:59:59 AM

Subject:

CN=Power Software Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Power Software Limited, L=Hong Kong, S=Hong Kong, C=HK

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

227EFDF22825BA270530FB09D52B32F8

File PE Metadata

Compilation timestamp:

12/6/2009 3:50:46 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

98304:udph9AS7eWePYe7cECZLqPwbMOXlO9ZCmb59Xthfa:udpQBkqcTEYbyi2phC

Entry address:

0x323C

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00... 
[+]

Entropy:

7.9955

Packer / compiler:

Nullsoft install system v2.x

Code size:

23 KB (23,552 bytes)

The file poweriso6.exe has been seen being distributed by the following 50 URLs.

http://www.besttourfactory.com/c?x=QoXNypsOrO7yvbbSy/ RSlEgizrqcrM/3J59zAf7sJc=&c=QQL1pwAOb2MYCOdd6vHIRG1PxtIkRKkulnbVhS8FZAV4ue3WjqZL0Oq4wyL90jOH84SKGPUTbf/hnd3 QorzRMN63QjVmU27FCUZ5hveGU9opPuZcAtKpxFNB2oG9CTAcqVpOX0vpYt3TPOJt8DHFw==&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://www.clearsafecity.com/c?x=H0HyKfzeMjDJumwcYdp75 i47wRMZMa2XU42XYAZDbE=&c=vBC7N/Ma7mjdstQCcCHGE5tBOZ9mSw0Vqs8l fkJ69UT7KNFXtQgVNjqB7PTUu Sq3GfgdpWFX MDjExkrSyh0U2Q/TXCPOQQNSHgPu4XmawsHrsNsGx6pF47 Wvrc1g/kjj7AGxNpUqdsWz4zssCw==&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://www.farmdownloadsclear.com/c?x=cMdpCxLzIRkDf7Svwt3rR/XLa4V9nmOwTs1cJM4G9b8=&c= 2PcqTtYoOmTp7MRODdIgaV0efsmhjQjyxPsrf85FThQihTnMDrygehXnNoWDC40zbygy0yxgiMr/E3Ys4j ku0SjUYPRYAfkTX8YrvoOYs8lML6mYIRCnHED8IR7kL ZGUHG2V3haP9Bqux8h5FrgpUgWd5Z9gT0nQ9Hvayc2Y=&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://dpcdn-s07.pl/.../PowerISO6.exe

http://www.clearbestcycle.com/c?x=ttmYTWu5Cqj2NE7 uLqisCfco1c9OVwGdyntdXRaNt0=&c=9yL9/ZT9RaynBnY5N OykJ QRbSyId4CCjvS8Ff0XkCVAfaJPtEtd4cAd5gBoNIFGjsxP5gL4QIanfulOPI9PPZm5Cgm/QBwfBAhgeEs Wu4BOq6ctMyQDlU0fHlEGpd2lMODvRZq3Pa49ha 0oF5Q==&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1&re=1

http://www.conceptsquickdl.com/c?x=EDgo KMfD9xn6pCaExMDqCHR1yU6IPPCaPR8u7AC9N8=&c=2j3p4bizHhafeZHMmu91ExWHMxw5CzrhOZwu8wfXHep1tdXHOnPi2lnCFtQsC56IoggxH7Lbp5YjU4iXxhfZOOWdQnOmijizlUt3eKWiC/VTp8kfvcoDeL4mI27IsYRXk8WeZjs8wtShk3PnOQUWEQ==&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://www.headapplicationflash.com/c?x=dkGg7CggzHykuFAhYlOwtqrFH6wMiaov1LxZvdJLcak=&e=0&c=xhkO4Oxxvw7tTB7pPzZFVDfx9d6jVxvjvMOuOun2y8lwgM pOSZi7lv/.../BWO5nZd175zfj9JcvC ZBTzrfmePlBD25JOALMx9omYyQT23bL4qfscTTFuZXZxjKC4UxoaPXXMM9MVi4yvO EFro5JdNnRTOMrafTY28ur1eq0o=

http://www.centergiftrepository.com/c?x=nPvxvPCE dfpoGiFeK UQLZK0LeHWjH nSkkv/qOGGg=&c=FCg1xlpuRtjPuWtVcIoFUGmyy2VSc Uevq2hdmU14JHl1x9jTl3TLFtv hrmwZSzkFO8DYUC73eD8TuVCWt4VvtE3s1q2KoOj8mD7IGsbKL36xmaBL6GvR1TBzkGFT3YTF/e4SkKMlraQYofq48VAQ==&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://www.centergiftrepository.com/c?x=atIW6qZT5HFJXsjVECA/Jg/8vMACeviW6qAkMee0eAY=&c=Smg2eeIWB0zx9KUp1CA8IIRIyaBQBhdtvkZGSjPqhwnMRTTYA//WlJ/imErJSSS9r7YpmX2Q3dGfPF02F/3cn3cxZGXh/9D dO/buDYge8xetdb7w ZMLci0TVR2Hecm&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://www.bodystocksend.com/c?x=Hcyp e7V/k9m0f2dbr4Ovm/V/MNd/vJU96YZ7WN3pis=&c=r03eQK1gweR3r4cEfniBUgg/hz75U63qNE/98hvRxiHPRy7ocORcaeaL siGWJkPverbUIRO9PrIRBfzLum1yaLXNOP3CBhvrq3LukyzdCXfFrQy12/6IxeSKS4A4uRCNPxDqZQ5DJwbJxY8seEt9A==&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://www.farmdownloadsclear.com/c?x=V080M/EDxfljDCJ/Ztec8awtrozuvDJoqI exRzaAdQ=&c=EFScXIz2yU j8wMYAzPBX9TD/oCAHQClWR0x6n/Xg1k1lZaltWRqKOw2GJN BLnBzAbpHJ1Id3X6IGm69tOf7L18DgP2 HkvNSXr8b24q0StCgh2FcXexrErgaiflzPh9ET9XrdhB276af/h7c/n0lI3sQ9KVvo8w5ccNxzsmo8=&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://www.packagetownbulk.com/c?x=Fm6Zkf2zDff o7YV/9ph Ngt/F 5CP4BYmz3ZefFjDQ=&c=WPqg4MBoO8YC uqhcPa/cFjEDv9oq4VmD6UeTW3gOO/4v/Rc9oTIl7HMo0pWxeoM90kpi2L52B5xUB3ceg75n5fcM9wq712cwXfvu576thJrilcrcUj8qbQgXZdgO2hGObu w3gwXCufgeQojXMdRNbXWGko5n2pwVLKWuKBMLA=&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://www.towerstagfactory.com/c?x=gTFFyTpzPkgwyYvzU3j5OwQHInBter5SrLiC0zyyriw=&c=Cuo6Q5RsDrpHpmnkt/5OTJRCyD07xLwUfm 0Z0H4pS70ivf rFExI4NL /KFjovgHzIXpJtA NLxTWINQ7b2mX6tuBX9FK5hHYOb9ifYGQWipo6METL/5dedOy1QEQ51HS7vyz4plJCpY25j4JUVGg==&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://www.centerbundlecapital.com/c?x=ZYbVO6nixTHDcVjIvONHcAStSQt7pdSwJoEcoEkww6s=&c=JUCeoj/V7HiIdX5DO9pV/dfDWCvB4He2Sl550oAzhzlk7hivytvj QOtm0OYbityJcgf CiFumo99DB2zQNL/TtkssTiInI1K9au9gKpTZRy3UABUtkn4KOb7xyJZYjPKKtQoJZM5CChekTKk8fGPQ==&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://download-1.com/softwares/.../PowerIso5.0.exe

http://www.towerspresentranch.com/c?x=udlQh1tT7QMox/EulcNlSG9/XXJ62eBhqnvbBC86yIU=&c=QbXJCn/PVY3IBehqg9NCYrJcaiUvl3P2Fxs7sQVkqDXcXX6PmbaC59Bv3/RtGh8fFmaJ7qlFSyGnd0/HgAcqVev66tkmjixCeHOXOSKpNBYhZRxytdKd2yaa2eUTIUZx21DDkak2YotFxFAReCIBbtzmFIWcI6cFLSegQdJe3sU=&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://www.safetodaymeta.com/c?x=aFR6L6NkmI7E8davI3XIpiqaJCFbWQKi79Unt2eVAoI=&c=gEilhoXmSkNa0FovTuq/th6frqo2f7F 91h2hVF7 2ojLqOs2XaoPiSp7m1gOyEWP0C5Tk2Fn6/ElFZIo9IsOXpO9gt03HtOSOqAiSqOUh7RueYPQx2lhP2aaNc065 0CRmUqOooeFaW MKKuzEpeMSvhVOAjGpYiwWYdqcRX2A=&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://www.safetodaymeta.com/c?x=xc8OE0UfqPp9x7wvEirCqMi7VhcGnBPZvXNMVd/9srM=&c=LyD rwxiINeZyLL4LW8rw1EH2bnhk HFwG5Jq9v0NBhqrUEHoPIRh5bESAzCY3vDOkOaBe7GJ5h2OSliZ3/LLzv1GjUHjvbN/GA8Sc oeBO2Xfl0br91 GqU2oQxm63kUT5eN7UMM2SQbY/rZAWnkTFhZGQVqIiobKKzTUNdTmU=&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://www.ranchuniversefactory.com/c?x=8m1bcLPv4xEE3Sr0cBCUrS6nBJ9ouSSbxqmHropFZOw=&c=QQnDlLMMU21 dWEAQr5hqrC1FrDVUXI56s5stv37T9c0wDtPdrJ/pVaA8HBwnOuPPGXX/2a9/y3YqGRHEzxeNdPsLkXlhA7KvPgJJ/5mlhF5eT8WmSGC7CMkTyqFcFFv8E io2BJj/Zn6sGuomSYEw==&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://www.quicknewgift.com/c?x=u/xkMZLD5nfee1mdqDwuza8efXBLfjv6VbwU///ukTM=&c=dHcs7c9DJ9Lv8a4irJK9Lfk4hhBmKXgi S/8UJSnQ9igxQVxPHqmx9wk2kcpwOMbp9EVDJEmtc2MKettY0tAjQ6z7U4yCcz3pCYREFc5RO0fVNqcGsv2u2oAah9i1C2WrLkSywPwltu6j3Zx9cbASw==&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://www.vaultmetasigns.com/c?x=JK00PhQMG7HYmZmvODCFNTJrZ TifPYN9C1gixk70YA=&c=AQn/qJoMs pKQsO3 JierpxUlYkr1ZmkUYu3kqiflF04KyX2w1WEOmUsbmpQq6Ub9lXvcbHpOrK6ASDs0Bq1f8v Gq5ZAhDQ tkLuuQKCvu/NTLX9g5vg6ZhpAaPtQGvH3pd64Vm3RaZn1VvqWxh7w==&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://www.winarchiver.com/WinArchiver3.exe

http://www.hostbitsbyte.com/c?x=OSgjYs5PCFgYSD5dJRKdACjnFE7qeQ9zPIx7fk1UHMA=&c=lQ//aOC63hxPIjnnUudYSZeqfFDzL1UdkFw8ZVHKazVX 8AnqBmzbXtyibfKBuAOlYw31 FMF ZCORP5tuODltnytuuW1J7A3wBv15H7b6s4sohIj9udouVyoRLdTLwJT1dsilLY/E2ekw4eMJwYTw==&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://www.bitstagcontent.com/rrruIbD_ibDO8gf1k84a4vYbf5vx3gK1hHK YCDAH4qKjJmrrSc0KCZosX4b6qsNDZnmhD3oyral1UVB9o3gv416qYZ8Nc6Sv9BPfVE9MHPJZeJ Tif8vDYXoYVW7dXNWaEcO_pQiazEUxc9XzMbdDtCN1FJDz_14qp0AqGuEo9lAfi92_WM7C8AcIGknm27hsO5xqcO-GzMAAEQnh9T_2i4QQRwkwQYcOBVIxAPIsDF2poKnH2usqMgaiT2WZV5zO31rCPMD

http://www.quicknewgift.com/c?x=qWmGaspYoVGsBMuWaubkm6t7nzaiCxcVMbRPnOSvEKw=&c=G3sHZQXNeAwly5uzc3MMY7CtnMtbZtNEHWVMjpw3mKbCiY06pnZYnsxJiXnWx1Rr5z1Q88nJI6oyX/Y2dCbrv4JjfmQl5BgoPzIwjRMNAgbAfuVxWAp8 qEwmf8KNCscnECOWQELymIPzDVs4Gw1yg==&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://www.softwaresendbundle.com/c?x=jLx23XuSmlEu68I7MS5pXEhHvpzzet MUvKsjxYgKtU=&c=hwq1MWsTZLBD0pru0UoF Ye/jhsUK6jGpt48 vVfyiay5StamZF8GVPet97eyXeOvK2YvuQ8Wg3DdjQKzM4KbtXPFQAVofC36BPrtFrX Oybgb7zbHoJRkqvKRx9PZwchipTzKhRsgc45YJjMBPI8YZH/0alysjfP99gtWNSbgw=&e=0&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://www.citypackagetoday.com/c?x=zwU9tutvE28a2chDOg HfElaMFVPxOazzXEJyaSzjNw=&c=8gRaco3kv7QimNJqLaAZisO WREFS 3SloIOp5dcRx3JqA Keop3eVp5ULLG4/IvNZvQUlcX 1ME2M8WAc/jzDPxQK/UUXe6exhKB UibblCSZS8uu0yKY1T2clyzJWx&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

http://download31.mediafire.com/0yvc36zj1qyg/.../poweriso-bit-32.exe

http://dpcdn-s10q.pl/.../PowerISO6.exe

http://www.townpackagetours.com/c?x=TFVRz9hTv3 nwIWM1S8fF7zieVWYukpg5nhbRiyStG8=&c=6a/UJVAYEVhYh4cTa7lUob 5eZh37AboS9CHYIVNGaaeHKJtF0ZpwcVQixXpOy1fgfMdFS06tGjnbub4nDiuvr1dkEHr1kdxfwOHVyvKaylmsCBwgidF0Wn9ADVcaV9F&downloadAs=PowerISO6.exe&fallback_url=http://download.cnet.com/.../3001-2646_4-10439118.html?hasJs=n&hlndr=1

Latest 30 of 126 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.