home

poweriso49.exe

Power Software Ltd

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is installed with Power ISO. The file has been seen being downloaded from software.oldversion.com and multiple other hosts.
Publisher:
Power Software Ltd  (signed and verified)

MD5:
aa000844b20a3aa1f37c0d7458159fd8

SHA-1:
cfd47ee45b7836e9af0a309a6459501f52012e38

SHA-256:
793eb072663b7bb699cfa22b60165e7b6b488b67c0469d98d2bbc865f612794d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 12:17:20 AM UTC  (today)

File size:
1.9 MB (1,946,728 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Digital Signature
Signed by:
Power Software Ltd

Authority:
GlobalSign nv-sa

Valid from:
10/28/2011 9:33:03 AM

Valid to:
10/28/2014 8:33:03 AM

Subject:
CN=Power Software Ltd, O=Power Software Ltd, L=香港, S=香港, C=HK

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11214EC0AA9D4C5C4268811B30352BF16983

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:9VXvI+3irzYpzVkvsAPiL3/ZAUhZw6F95I:9jiz45kvso+vzhZP9G

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file poweriso49.exe has been discovered within the following program.

Power ISO  by Power Software Ltd.
Publisher's description - “PowerISO is a powerful CD / DVD / BD image file processing tool, which allows you to open, extract, burn, create, edit, compress, encrypt, split and convert ISO files, and mount ISO files with internal virtual drive.”
4% remove it
 
Powered by Should I Remove It?

The file poweriso49.exe has been seen being distributed by the following 30 URLs.

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ3OTY1MDg0MDtzOjI6ImlkIjtpOjk3OTI7czo0OiJmaWxlIjtzOjE0OiJQb3dlcklTTzQ5LmV4ZSI7czozOiJ1cmwiO3M6NDU6Imh0dHA6Ly93d3cub2xkdmVyc2lvbi5mci93aW5kb3dzL3Bvd2VyaXNvLTQtOSI7czo0OiJwYXNzIjtzOjMyOiI1ZmUyNDc4MmMwNGE0MzQ4NDFmMjkyNGIxMWM2MjI0YiI7fQ==

ftp://myftp.iiita.ac.in/Softwares/windows/data_burning/.../PowerISO49.exe

http://lb.cdn.m6web.fr/d/c/a/1a4f9a616e93d0d01153420b303df5ee/53202042/soft/.../poweriso_poweriso_4.9_francais_43110.exe

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ3NTYwOTUxMTtzOjI6ImlkIjtpOjk3OTI7czo0OiJmaWxlIjtzOjE0OiJQb3dlcklTTzQ5LmV4ZSI7czozOiJ1cmwiO3M6NDY6Imh0dHA6Ly93d3cub2xkdmVyc2lvbi5jb20vd2luZG93cy9wb3dlcmlzby00LTkiO3M6NDoicGFzcyI7czozMjoiMzI0ZmIwZTQ5MzYwMzQ2MTcyY2Y3YzgyNzRjYWFiMjMiO30=

http://lb.cdn.m6web.fr/d/c/a/435134ed94e27a06920f7730eb893a06/54e78a3a/soft/.../poweriso_poweriso_4.9_francais_43110.exe

http://downloadpt.com/softwares/.../PowerISO_v4.9_master.exe

http://www.software.aat7.com/.../PowerISO49.exe

http://down.upf.co.il/downloadnew/file/.../23d1cac5a163d74e2f806d676383d3de_mTzQRutaqau1ZKowr913371337WPg==

http://www.poweriso.com/PowerISO49.exe

http://down.upf.co.il/downloadnew/file/.../abf8cbc38c542d84abdcce11e25b43be_919881988HYi4fKFP8D2JZXNj2oKQ==

http://www.iso-file.net/PowerISO49.exe

http://lb.cdn.m6web.fr/d/c/a/e98792f75b695dd705ca9c531db32449/54e48529/soft/.../poweriso_poweriso_4.9_francais_43110.exe

http://downloads.zoznam.sk/.../poweriso-40?did=10371

temp:Power ISO4.9.exe

http://www.poweriso.net/PowerISO49.exe

about:internet

http://s10831.chomikuj.pl/File.aspx?e=aNMJSOYGuEvsK_ahy7odC_dILk0SC55EE8vkPNMI2twNomFR2znm7XgxOoBu-4IQtt9EO-JpsbxzAM9DAI4pH9SbwOIHlAWgBhdFIxboLRM1iJY2nt-uDurIul1U5UXG_XRdR_sfRg5SC7jAepv_qg&pv=2

http://lb.cdn.m6web.fr/d/c/a/9d5028ea7ae1b4f942d1ba6592216e32/545f5a72/soft/.../poweriso_poweriso_4.9_francais_43110.exe

https://dl-web.dropbox.com/get/install/.../PowerISO49.exe

http://lb.cdn.m6web.fr/d/c/a/3a570c7545de20d301a829aebb1abeb0/54e4fd1e/soft/.../poweriso_poweriso_4.9_francais_43110.exe

http://download.oldapps.com/.../PowerISO49.exe

http://d110.cdn.m6web.fr/soft/.../poweriso_poweriso_4.9_francais_43110.exe

http://lb.cdn.m6web.fr/d/c/a/4b1d8c002ec35ae43e8f30b3f601a294/54146c05/soft/.../poweriso_poweriso_4.9_francais_43110.exe

http://lb.cdn.m6web.fr/d/c/a/84f83d7de029891916e6d807b6683d0b/53d89424/soft/.../poweriso_poweriso_4.9_francais_43110.exe

http://downloadinter.upf.co.il/downloadnew/file/.../03cec35e5bb7c42c3bdc51004d213523

http://d210.cdn.m6web.fr/soft/.../poweriso_poweriso_4.9_francais_43110.exe

http://lb.cdn.m6web.fr/d/c/a/a6c005212a62c5da21f59c31a1566e4a/537a08e1/soft/.../poweriso_poweriso_4.9_francais_43110.exe

http://download-euro.oldapps.com/.../PowerISO49.exe

http://lb.cdn.m6web.fr/d/c/a/78cf28f2740853d43c02f7fb261708fa/53765205/soft/.../poweriso_poweriso_4.9_francais_43110.exe

http://www.oldapps.com/poweriso.php?app=AA000844B20A3AA1F37C0D7458159FD8

Latest 30 of 30 download URLs

Scan poweriso49.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.