home

daemontoolspro520-0348.exe

DAEMON Tools Pro

Disc Soft Ltd

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This file is installed with the program DAEMON Tools Pro. The file has been seen being downloaded from letoltes.szoftverbazis.hu and multiple other hosts.
Publisher:
DT Soft Ltd  (signed by Disc Soft Ltd)

Product:
DAEMON Tools Pro

Description:
DAEMON Tools Pro Setup

Version:
5.2.0.0348.0

MD5:
cbec2041f7fba1261772f94d95a3a5b6

SHA-1:
298519496841918ae9bfb015a4543e56c4067590

SHA-256:
ff6d82f540ae4159eeccee4ff54e9b96e4f69a096c0a63c77c005211e1fb87b2

Scanner detections:
4 / 68

Status:
Inconclusive  (probably just false positive detections)

Analysis date:
4/27/2024 1:34:50 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/OpenCandy
7.9307

Fortinet FortiGate
Riskware/OpenCandy
12/24/2013

Malwarebytes
PUP.Optional.OpenCandy
v2013.12.24.12

Reason Heuristics
PUP.OpenCandy.Installer (L)
16.11.28.22

File size:
19.1 MB (20,013,776 bytes)

Product version:
5.2.0.0348.0

Copyright:
Copyright (C) 2004-2012

Original file name:
DAEMON Tools Pro5.2.0.0348.exe

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\daemontoolspro520-0348.exe

Digital Signature
Signed by:
Disc Soft Ltd

Authority:
GlobalSign nv-sa

Valid from:
5/29/2012 5:52:02 PM

Valid to:
5/30/2015 5:52:02 PM

Subject:
E=finpr@disc-soft.com, CN=Disc Soft Ltd, O=Disc Soft Ltd, L=Belize city, S=Belize, C=BZ

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121356405609AB95F8DDB13164B82F96DE5

File PE Metadata
Compilation timestamp:
4/10/2010 12:19:31 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
393216:xuoelWrb4SYMDc0/SNFKXAQ7Fa/I8sDFbK1YppvKT0npRfU1k9y3wnM+s7EJnx26:xWly448Y7JA3upeaTcGPM+s2xT

Entry address:
0x354B

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 84, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, B0, 82, 40, 00, 6A, 08, A3, 98, 06, 47, 00, E8, 67, 27, 00, 00, 55, 68, B4, 02, 00, 00, A3, B0, 05, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 86, 40, 00, FF, 15, 80, 81, 40, 00, 68, 04, 86, 40, 00, 68, A0, 85, 46, 00, E8, 35, 26, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 10, 4C, 00, 57, E8, 23, 26, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
25 KB (25,600 bytes)

The file daemontoolspro520-0348.exe has been discovered within the following program.

DAEMON Tools Pro  by Disc Soft Ltd
DAEMON Tools (short for Disk And Execution MONitor tools) is a virtual drive and optical disc authoring program for Microsoft Windows. Mount *.mdx, *.mds/*.mdf, *.iso, *.b5t, *.b6t, *.bwt, *.ccd, *.cdi, *.bin/*.cue, *.ape/*.cue, *.flac/*.cue, *.nrg, *.
www.daemon-tools.cc
16% remove it
 
Powered by Should I Remove It?

The file daemontoolspro520-0348.exe has been seen being distributed by the following 50 URLs.

http://letoltes.szoftverbazis.hu/XcVOczGSPoOTS8mtix0lWg/1483052391/.../DAEMONToolsPro520-0348.exe

http://letoltes.szoftverbazis.hu/8UhBF-sgmLTbRU1kXW240g/1476279533/.../DAEMONToolsPro520-0348.exe

http://letoltes.szoftverbazis.hu/Rh7aA0sh6WgkwznqnHdyWA/1477845470/.../DAEMONToolsPro520-0348.exe

http://letoltes.szoftverbazis.hu/x8-XGPxXMETstfTeFUop8Q/1474212547/.../DAEMONToolsPro520-0348.exe

http://letoltes.szoftverbazis.hu/U6MwHulK6xpFI4OCG-b9Qw/1487524007/.../DAEMONToolsPro520-0348.exe

http://letoltes.szoftverbazis.hu/zJMHb_UvpTpn5uPt81Rsog/1485440630/.../DAEMONToolsPro520-0348.exe

http://letoltes.szoftverbazis.hu/1teTyJ4YRm8UYTf1V3IfMA/1488639379/.../DAEMONToolsPro520-0348.exe

http://letoltes.szoftverbazis.hu/yrb4WuCcG4gn_8sR7c7BJQ/1483355822/.../DAEMONToolsPro520-0348.exe

http://letoltes.szoftverbazis.hu/eFKQa3IwWZbWvdkc0HxQXg/1443625033/.../DAEMONToolsPro520-0348.exe

http://mirror10.soft24.com/getfile.php?p=http://na-us1.disk-tools.com/.../DAEMONToolsPro520-0348.exe

http://download1141.mediafire.com/vzdcwxvo3ezg/.../DAEMONToolsPro520-0348.exe

http://letoltes.szoftverbazis.hu/IJMucvPPJZcFi-GYzxsbLQ/1451824564/.../DAEMONToolsPro520-0348.exe

http://letoltes.szoftverbazis.hu/PlwKuvJVuxkG-hQmQ2q25Q/1487359576/.../DAEMONToolsPro520-0348.exe

http://download1141.mediafire.com/rzfzfv0rcd7g/.../DAEMONToolsPro.exe

http://letoltes.szoftverbazis.hu/zUavj5JSqWkwI2f2uKO5bw/1481137568/.../DAEMONToolsPro520-0348.exe

http://letoltes.szoftverbazis.hu/vibLRWSj8cUV1B0NsYQekQ/1485445638/.../DAEMONToolsPro520-0348.exe

https://mega.nz/temporary/.../PAMw1KbJ

http://letoltes.szoftverbazis.hu/MuBkUo_eMm17_nmkWZwUAA/1457119668/.../DAEMONToolsPro520-0348.exe

http://download1141.mediafire.com/aq8wd1c7pbbg/.../DAEMON TOOLS PRO BY RICARDO ORTEGA.exe

http://mirror19.soft24.com/getfile.php?p=http://eu-uk1.disc-tools.com/.../DAEMONToolsPro520-0348.exe

http://letoltes.szoftverbazis.hu/CMZa66i17RzZQTH-oqje1g/1481398206/.../DAEMONToolsPro520-0348.exe

http://letoltes.szoftverbazis.hu/sP3e9-ryEYypqvjy6t7gzQ/1455389866/.../DAEMONToolsPro520-0348.exe

http://letoltes.szoftverbazis.hu/_QgH-e7iHTGZLonkkTjRXw/1479403701/.../DAEMONToolsPro520-0348.exe

http://download1141.mediafire.com/1x9gw20iw0xg/.../DAEMONToolsPro520-0348.exe

http://letoltes.szoftverbazis.hu/S9yfO8-PKDY4NEz3KeYgBg/1473581600/.../DAEMONToolsPro520-0348.exe

http://letoltes.szoftverbazis.hu/K8Yp2f9KL4LAJlf2UI_7BA/1482966281/.../DAEMONToolsPro520-0348.exe

http://mirror15.soft24.com/getfile.php?p=http://eu-uk1.disc-tools.com/.../DAEMONToolsPro520-0348.exe

http://letoltes.szoftverbazis.hu/WLZVNBABfURSAX6PD786KA/1479803259/.../DAEMONToolsPro520-0348.exe

http://letoltes.szoftverbazis.hu/hf6BPBI6VZh1W1DXZy9ATg/1447700878/.../DAEMONToolsPro520-0348.exe

https://mega.nz/temporary/.../QAxTVSoY

Latest 30 of 237 download URLs

Scan daemontoolspro520-0348.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.