home

t2f+fdqw.exe

ExpressBurn

NCH Software

This is installed with Express Burn Disc Burning Software. The file has been seen being downloaded from software.thaiware.com and multiple other hosts.
Publisher:
NCH Software  (signed and verified)

Product:
ExpressBurn

Description:
Express Burn Disc Burning Software

Version:
4.98

MD5:
3a915fd2de110081f9ca5e27c893c0e0

SHA-1:
64edd5112441c7e469fe71ec17b8fc5c3f5049b3

SHA-256:
09f8a16ef71e63d01c49eedbc1e04ec4456cd95d955528be5839e7b67d46391a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 4:36:09 AM UTC  (today)

File size:
841.8 KB (861,968 bytes)

Product version:
4.98

Copyright:
NCH Software

Original file name:
ExpressBurn.exe

Language:
English (Australia)

Common path:
C:\users\{user}\appdata\local\temp\t2f+fdqw.exe.part

Digital Signature
Signed by:
NCH Software

Authority:
Thawte, Inc.

Valid from:
7/5/2015 5:00:00 PM

Valid to:
8/6/2017 4:59:59 PM

Subject:
CN=NCH Software, O=NCH Software, L=Canberra, S=Australian Capital Territory, C=AU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
58D9B9D38780932DD1CBC58A2AD28B1C

File PE Metadata
Compilation timestamp:
1/24/2016 3:09:42 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:8m10IRjfqHBe2ZJe7itFEeF+p8py4Abx/5cr84NnmO:f0CjiPa7ia8p4t2r84NmO

Entry address:
0x11D4

Entry point:
55, 8B, EC, 83, E4, F8, 81, EC, FC, 16, 00, 00, 53, 56, 57, E8, 03, FF, FF, FF, 33, DB, 3B, C3, 89, 44, 24, 14, 0F, 85, DF, 03, 00, 00, 6A, 06, 53, FF, 15, 8C, 20, 40, 00, FF, 15, 48, 20, 40, 00, 68, 6C, 24, 40, 00, 8B, F0, E8, CB, 03, 00, 00, 85, C0, 74, 10, 68, 7C, 24, 40, 00, 68, 80, 24, 40, 00, FF, 15, 50, 20, 40, 00, 68, 90, 24, 40, 00, 8B, C6, E8, AB, 03, 00, 00, 3B, C3, 74, 49, 83, C0, 0E, EB, 08, 66, 83, F9, 20, 75, 0A, 40, 40, 0F, B7, 08, 66, 3B, CB, 75, F0, 0F, B7, 08, 33, F6, 66, 3B, CB, 74, 20...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
2 KB (2,048 bytes)

The file t2f+fdqw.exe has been discovered within the following program.

Express Burn Disc Burning Software  by NCH Software
Publisher's description - “Express Burn is a free CD burning program. With Express Burn you can record a data or audio discs quickly and easily by dragging the files you want onto the icon and clicking Burn CD. The software then does the rest, including converting the files if required.”
www.nchsoftware.com
25% remove it
 
Powered by Should I Remove It?

The file t2f+fdqw.exe has been seen being distributed by the following 11 URLs.

http://software.thaiware.com/download_url.php?id=4103

&onid=2646&oid=3001-2646_4-75219417&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=mp3audio/cd-dvd-burners&topicbrcrm=&pid=14501576&mfgid=10012381&merid=10012381&ctype=dm&cval=NONE&devicetype=desktop&pguid=89bbade18c2578436c85aa24&viewguid=c5CQ496FzXH0-EcafW0@EGiuZQ2LVuuHWLLN&destUrl=http://files.downloadnow.com/s/software/14/50/15/.../burnsetup.exe

http://gsf-cf.softonic.com/64e/dd5/.../burnsetup.exe

http://www.nch.com.au/components/.../burnsetup.exe

http://software-files-a.cnet.com/s/software/14/00/58/.../burnsetup.exe

http://www.programosy.pl/.../pobierz,express-burn,2.html

http://www.nch.com.au/.../burnsetup.exe

http://express-burn-dvd-burning-software.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxANmFrgIixlXHsW75KghYmvjrVRoxWOFrb9/uiVpEIjy7CbmuSwFdPmdgQaKSMvRHD85C5rXJi4ha6mBcFwx2uhnIafbA55aNd8UKY/Rw/gk6nE/.../I cRe0Oi4Ab0Wbwk=

http://files.downloadnow.com/s/software/14/50/15/.../burnsetup.exe

http://www.downloadcollection.com/downloadredirect.php?idx=893256

http://www.nch.com.au/.../burnsetup.exe

Scan t2f+fdqw.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.