» axcrypt-1.7.3156.0-setup.exe
Overview
Analysis
File Details
Programs (2)
Downloads (73)

axcrypt-1.7.3156.0-setup.exe

AxCrypt

Axantum Software AB

The application axcrypt-1.7.3156.0-setup.exe, “AxCrypt Installer with OpenCandy Offer” by Axantum Software AB has been detected as a potentially unwanted program by 6 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. Additionally, the file is typically installed by a number of programs including Toolwiz Time Freeze 2014 by ToolWiz and Toolwiz Time Freeze 2016 by ToolWiz. The installer uses the OpenCandy monitzation platform which will donwload and install offers in the setup for potentially unwanted software including ad/search-supported toolbars.

File name:

Publisher:

Axantum Software AB (signed and verified)

Product:

AxCrypt

Description:

AxCrypt Installer with OpenCandy Offer

Version:

1.7.3156.0

MD5:

787474b1f7b20b5bfae845afe1089df2

SHA-1:

0b5ce329f535c6d7e406a7a93aef35d51d88f087

SHA-256:

e33c71f8272eea856246d3790d3dcc7b2a770ef6f7979bab8d3524eadf1679e2

Scanner detections:

6 / 68

Status:

Potentially unwanted

Explanation:

Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:

12/27/2024 8:09:15 PM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/OpenCandy

8.9309

Malwarebytes

PUP.Optional.OpenCandy

v2014.01.19.05

McAfee

Artemis!787474B1F7B2

5600.7245

Rising Antivirus

PE:PUF.OpenCandy!1.9DE5

23.00.65.14117

Trend Micro House Call

TROJ_GEN.F47V0116

7.2.19

VIPRE Antivirus

Opencandy

25574

File size:

3.3 MB (3,495,040 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\axcrypt-1.7.3156.0-setup.exe

Digital Signature

Signed by:

Axantum Software AB

Authority:

COMODO CA Limited

Valid from:

2/21/2012 12:00:00 AM

Valid to:

2/20/2014 11:59:59 PM

Subject:

CN=Axantum Software AB, O=Axantum Software AB, STREET=Dalgangen 1, L=Jarfalla, S=Stockholm, PostalCode=SE-177 60, C=SE

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

15BA9ADE9B964B75C6EF6392BF68BFFB

File PE Metadata

Compilation timestamp:

12/5/2009 10:50:52 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

98304:bYZbOvW/5yBhtnFQg/s+0S+vgSUqgQ1KB5p:kZi85yX1NJTog3qgicP

Entry address:

0x30FA

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Entropy:

7.9952

Packer / compiler:

Nullsoft install system v2.x

Code size:

23.5 KB (24,064 bytes)

The file axcrypt-1.7.3156.0-setup.exe has been discovered within the following programs.

Toolwiz Time Freeze 2014 by ToolWiz

www.Toolwiz.com

About 1% of users remove it

Toolwiz Time Freeze 2016 by ToolWiz

About 4% of users remove it

The file axcrypt-1.7.3156.0-setup.exe has been seen being distributed by the following 50 URLs.

http://filehippo.com/download/file/.../

http://lb.cdn.m6web.fr/d/c/a/3f188c73d80d28050c9be4f817c163c7/583e9b34/soft/.../axcrypt_1-7-3156_fr_12208.exe

https://dw.uptodown.com/dwn/ijIZg_CUEBOfkMUd_XyKPurud1qGYgH9Mbiiv7XClTMzkmAGfPNHDKqVu0e0F0wMYhICHE2om9ak6aOnEzMPkpGVj5YOaLBkxMoJ6wKj_KP22Jv3iPPGuAfxahg9EJBl/ToBOMLvfeQQRPVohiRAcbFRAIwcY0jh8IDyj1CsRHhW1uan_GM9I_8AFx01EYuzlCXzP8Wbnhyj-acnpdxWorYXb7NMumZmoKiN91q7QPxYRr4lVKTn7u29AotfoGMLa/FkZM9Vo5pL3JIqa6cO_w9BnFXBi0nmkT14HbC64eC9VgWeVknmCbQPg4qmudpe_uqZwHaOt_ikRxwmRBYt-xiiI33EswIG8WgqqePR3DP3QRVHjKa2tE8cKsEKgv1IRX/.../

http://filehippo.com/pl/download/file/.../

http://ec.ccm2.net/ccm.net/download/.../AxCrypt-1.7.3156.0-Setup.exe

http://lb.cdn.m6web.fr/d/c/a/729a18741dd5177f48738dcc73583579/568d4072/soft/.../axcrypt_1-7-3156_fr_12208.exe

https://doc-10-bk-docs.googleusercontent.com/docs/securesc/7n0tsmtb33cb5uqguugrgnqhau3od5cj/csgf5j3uigre6m0k541ds7p56tt00udi/1476122400000/.../03562116927205756736/0B-QK4lkv8R8iY1k3eGhiUk9RQTA?e=download

https://dw.uptodown.com/dwn/xHnMcoHlv-BdKsflOGkHQOifIrwXoVxEkg-YqiuvVXKLadEEc7ScjV1K1nDJBHaR19JskPqxMdLL6sv4X8oLPpWT5itpG1HmogORWpzuGcwDHcV4-VfgvzujzZiH1MLm/F67jXUcTTi01E1g5pP7wT7gZ9qb3OsFGp9KEspaAgDeir5oblHItui5qsnJ_9r8gEdpvn7M0HdiAFKaVBoDkoKvj4KDOl_ni3WU501a3SglTL7Cs7-bnsprIFG5yKi3E/swU0BbcbtDwikwadoAcQ2te0VXWhqcv9cRAvon9pJUwfTcubY9wLJ2VyCTsT8YDUk70sGzaH54RaERD1XeKs3D6pKIaZFTLAadc9FT_9RXj0GNgojtJ1E6T-G9PYMfc1/.../

https://dw.uptodown.com/dwn/cqlB68m7fV3JD3wnlHDZtYeXIfOwFnaXGxulhEZDmcPzPqPk-hAuuaIDmpOtSMxsrhHw8U5SLrOej9kPQQPjNADEzG-aK2cyDsngk1JaByEqwKJP8jOQTdUCydd5-AzV/5EtQ7OK0GI-JfNNwp4XTyWubeYp2xnfVP5OeQky7v86KXAZjjnWSn2RN0tGdr-6PrJO239vanW-os8t-aALmdxCP2HdCt1e83o2z-DL5R4cv6jfE569-U0ReaOdxA7oG/BUiJSGy56lyPlpd0BPuVutqP5v3kIhdsLkeXBUzAlEmEMbex_2DrY5sRiNPCnjFgfmIP9_nfZqtRLNXUs4BZEBz0yB287hstNPT_24lox1MeRAR2232ErMMREVO_WcI5/.../

http://lb.cdn.m6web.fr/d/c/a/48be169bf72be3f032e71556ade0aaa8/56ef05c5/soft/.../axcrypt_1-7-3156_fr_12208.exe

http://www.filepuma.com/file/1459442792c5032/axcrypt_1.7.3156.0/.../0/

http://dw.uptodown.com/dl/1445209191/.../axcrypt-1-7-3156-0-es-en-fr-de-it-win.exe

http://lb.cdn.m6web.fr/d/c/a/bb7c2792e7520c2737053abb8abfca7b/56b0788b/soft/.../axcrypt_1-7-3156_fr_12208.exe

https://dw1.uptodown.com/dwn/jTtqRGWGgNG2WvBO8mtdIOLo-8C5hfAquocF_WqLD_VjhJaKSQfygAuKX9CHdD-ToZbmLjsdR-THTz8gPsDIO6v5vSrw1dgRJzZlkrody09J-NQferp2VmAgFQ0nBg4g/BYPChdghRXgDY1uNet_AD3hE2z7E3mU0ymLEv9qLaIN0JOIS4I-f1IXxmdPIvDs1EpfyaRzr9LreUr5xYZ3_0N16cBz3iW9Qb0C6AI5Eawl0_2Zg-l3byzR8X2Z1s-iE/OBcxrnGJJp4BwW2ETrEx8XxRf2_bUKnwcIo5VnSqGWTYCBY2nnIa1yqme7rgNSoSRl57Or9_1va3Xlm1YLnc4IHxzRCtWHcYb8mfncVY76hJmcLXEuwOolAChS7SBjKl/.../axcrypt-1-7-3156-0-es-en-fr-de-it-win.exe

http://lb.cdn.m6web.fr/d/c/a/dcbf812b0083210f27c6537893e31a6c/581e30c2/soft/.../axcrypt_1-7-3156_fr_12208.exe

https://dw.uptodown.com/dwn/kan5Dludl5vBCh9TRtJHMPacdClCxwb95w3pwpX-wQFc-oZgIkwswfzJLvV39dt2u63IokKTKOiZY8eK4HFyLWwrTWS68oDCCP1F-PDab0o3NCl3WdSj12PHQZAmQP_v/HQzIxwuAcqTBs3VuTbHTkz6eQ6ps3WnvB0j-djDT__ecrpShl5lN3YWG4u5TxOBF0zqlpYmW2f83ZnTImC26pQBGKTbInmCMMqaQdjklzLxjtPmJLz929mrFLTfwpjC2/uduJvWeTh94Oa30hHa4D8O0bdixr5UsYSTGGN5vp7so5orsceeEcSfw76qnpRDI59QvN72ftifLByLAZ4nsbQszAnG_VxtUOeIcdvviS3iyquIaIYYUb_DEnp2mZqq9a/.../

http://lb.cdn.m6web.fr/d/c/a/797f63a64fe14aaa08995d163c9b1541/543bc811/soft/.../axcrypt_1-7-3156_fr_12208.exe

http://lb.cdn.m6web.fr/d/c/a/b3083284f211bb77a454b6627b0499ea/57038b63/soft/.../axcrypt_1-7-3156_fr_12208.exe

http://lb.cdn.m6web.fr/d/c/a/e15d7408a645a68947e9c75352449fca/56891f74/soft/.../axcrypt_1-7-3156_fr_12208.exe

http://lb.cdn.m6web.fr/d/c/a/4bde99f51d229157ff960cbc66a5924a/56bb94f8/soft/.../axcrypt_1-7-3156_fr_12208.exe

http://lb.cdn.m6web.fr/d/c/a/21d7c67a854f6495773cc37cba4d40b9/56d45869/soft/.../axcrypt_1-7-3156_fr_12208.exe

http://lb.cdn.m6web.fr/d/c/a/88062a17d8ee6912ed39205e8eb4a01e/56a84ac5/soft/.../axcrypt_1-7-3156_fr_12208.exe

http://dw.uptodown.com/dwn/g8tTdIaDahJB-up7C1YvqmfZ6GftiKTRH37H1t06lQHmEVHj-kulCtXUlgMiJx9RC4cGp_8KOkMLwByD4GtyTmVx3Lrf_qH62je-EWsAf_5TkF1kFTFXjdCN-Sgx92HC/PvAUAUyJqGEVlS4fjgEJ4F-1FxviBM4fE1_cp7nlGnq0h1sMTxeaetFovMtwQFnJtUfIQXMYE4JgW9LYbRQfVLwlCk5wXmpQSu1MXdvk-CacCJV-WQCAKS5hBbecnsgr/.../

http://lb.cdn.m6web.fr/d/c/a/1676d1f9fd1c0b21de7a6ca13ea33324/56b560a9/soft/.../axcrypt_1-7-3156_fr_12208.exe

http://www.filehippo.com/download/file/.../

http://lb.cdn.m6web.fr/d/c/a/761aaa5368c157faf49a68c2a9cda714/56431949/soft/.../axcrypt_1-7-3156_fr_12208.exe

http://dw.uptodown.com/dwn/PEtaMLTEQ9bb-3UTTL3tRQ4nxMtCejvNzKdv4_JyuxVDS_Yx66mH2_a0Opr6Hbu4FQz1E2CSEEpE0Ep4n1u3gaP3qcYEnKex9kHEQPPbp-yMUo9IQGJOAgzyHmKQqvuw/wIqLFVSitrBlPj9tpeypFDxXZ4XF8hn86_GCi_BSvy-e-wVfPJIidmBUocpP_PYZyL4e5e7KO_pakCAZ74DzfiozBFHQ8eWZkUQ2kYRmJTAPp9wjdkWtnv5FdYEOaH-0/.../

http://lb.cdn.m6web.fr/d/c/a/46e43cae89ff7b4a356715b9fd31b04a/56f55f3f/soft/.../axcrypt_1-7-3156_fr_12208.exe

http://lb.cdn.m6web.fr/d/c/a/d408c972497732dca9d42e606a3041a6/54f1c462/soft/.../axcrypt_1-7-3156_fr_12208.exe

http://lb.cdn.m6web.fr/d/c/a/050f321856c627f4c80c966338d03fe6/56cceaf4/soft/.../axcrypt_1-7-3156_fr_12208.exe

Latest 30 of 73 download URLs

Remove axcrypt-1.7.3156.0-setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.