home

allmyapps-windows-app-store-for-pc.exe

Allmyapps

The application allmyapps-windows-app-store-for-pc.exe by Allmyapps has been detected as a potentially unwanted program by 10 anti-malware scanners. This is a setup program which is used to install the application. It uses the OpenCandy monitzation platform which will donwload and install offers in the setup for potentially unwanted software including ad/search-supported toolbars. The file has been seen being downloaded from download-file-free.net.
Publisher:
Allmyapps  (signed and verified)

Product:
Allmyapps

Version:
2.0.0.10

MD5:
70993fd22de40601f519278766a94b06

SHA-1:
7d2f27efe0b076f77e9b4896260fec0301796d3b

SHA-256:
4a6f3b1dc169075d0e70b2ba82cb092d1854e284b859a3ea85aa6d3d5a3a7d8a

Scanner detections:
10 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
11/24/2024 4:32:46 PM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
Adware.Win32.OpenCandy
4.0.3.141228

Dr.Web
Trojan.DownLoader11.6726
9.0.1.0362

ESET NOD32
Win32/OpenCandy
8.10875

K7 AntiVirus
Trojan
13.187.14319

Malwarebytes
PUP.Optional.OpenCandy
v2014.12.28.12

McAfee
Artemis!70993FD22DE4
5600.6902

Reason Heuristics
PUP.Installer.Allmyapps.f
14.12.28.12

Rising Antivirus
PE:PUF.OpenCandy!1.9DE5
23.00.65.141226

Sophos
OpenCandy
4.98

VIPRE Antivirus
Opencandy
35712

File size:
864.4 KB (885,176 bytes)

Product version:
2.0.0.10

Copyright:
Copyright (C) 2011

Original file name:
SfxSetup.exe

File type:
Executable application (Win32 EXE)

Language:
French (France)

Common path:
C:\users\{user}\downloads\allmyapps-windows-app-store-for-pc.exe

Digital Signature
Signed by:
Allmyapps

Authority:
The USERTRUST Network

Valid from:
12/5/2010 7:00:00 PM

Valid to:
12/5/2013 6:59:59 PM

Subject:
CN=Allmyapps, O=Allmyapps, STREET=22 23 quai du président carnot, L=Saint Cloud, S=Ile de France, PostalCode=92210, C=FR

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
009D380BB9DF58B350F1D85FDF834E5CBE

File PE Metadata
Compilation timestamp:
5/30/2013 4:52:50 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:96A0/bAWTalkS4JOag2H7muasBOiUHHJ/f7:96A0/xaCS4Aag87muasBOH/f7

Entry address:
0x83B0

Entry point:
E8, BA, 23, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 68, 1C, D3, 40, 00, FF, 15, 7C, D0, 40, 00, 85, C0, 74, 15, 68, 0C, D3, 40, 00, 50, FF, 15, 78, D0, 40, 00, 85, C0, 74, 05, FF, 75, 08, FF, D0, 5D, C3, 8B, FF, 55, 8B, EC, FF, 75, 08, E8, C8, FF, FF, FF, 59, FF, 75, 08, FF, 15, 80, D0, 40, 00, CC, 6A, 08, E8, 80, 25, 00, 00, 59, C3, 6A, 08, E8, 9E, 24, 00, 00, 59, C3, 8B, FF, 56, E8, 7C, 11, 00, 00, 8B, F0, 56, E8, 07, 05, 00, 00, 56, E8, AE, 16, 00, 00, 56, E8, EA, 27, 00, 00, 56, E8, D5, 27, 00...
 
[+]

Entropy:
7.6753

Code size:
45 KB (46,080 bytes)

The file allmyapps-windows-app-store-for-pc.exe has been seen being distributed by the following URL.

http://download-file-free.net/resource/.../Allmyapps-Windows-App-Store-for-PC.exe

Remove allmyapps-windows-app-store-for-pc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.