crystaldiskinfo6_2_1-en.exe

CrystalDiskInfo 6.2.1

Noriyuki MIYAZAKI

The application crystaldiskinfo6_2_1-en.exe, “CrystalDiskInfo Setup ” by Noriyuki MIYAZAKI has been detected as a potentially unwanted program by 3 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. Additionally, the file is typically installed by a number of programs including Toolwiz Time Freeze 2014 by ToolWiz and SSDlife Pro by BinarySense Inc.. The installer uses the OpenCandy monitzation platform which will donwload and install offers in the setup for potentially unwanted software including ad/search-supported toolbars.
Publisher:
Crystal Dew World   (signed by Noriyuki MIYAZAKI)

Product:
CrystalDiskInfo 6.2.1

Description:
CrystalDiskInfo Setup

Version:
6.2.1

MD5:
084af0ac91de952846d79a3e74abb0be

SHA-1:
3c7b7df8d98a0b85608f99a8f04d8d1515504b09

SHA-256:
3d2e762e6548f43423c7bb50653a8123b6629c1136a930e89c550adaf29316a1

Scanner detections:
3 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
12/25/2024 1:23:17 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
OpenCandy
2015.0.3364

ESET NOD32
8.10347

Reason Heuristics
PUP.OpenCandy.Installer (L)
16.12.1.1

File size:
2.9 MB (2,996,728 bytes)

Product version:
6.2.1

Copyright:
Crystal Dew World

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\crystaldiskinfo6_2_1-en.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
2/5/2013 2:53:40 PM

Valid to:
2/6/2016 2:53:40 PM

Subject:
CN=Noriyuki MIYAZAKI, C=JP

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121D6683A851E981F3776DC28605DC830EF

File PE Metadata
Compilation timestamp:
10/13/2013 10:19:32 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:GQ22xa4MnIcZe7hf0amjsWoH2PQO4O+lsw60h0/vzCaKnl+u4XwDXtjgy:e2xa43cZeF0amjzoWIh7C/vzCLl+u4Xi

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file crystaldiskinfo6_2_1-en.exe has been discovered within the following programs.

SSDlife Pro  by BinarySense Inc.
Publisher's description - “SSDlife is a small and intuitive SSD diagnostic tool that helps users obtain comprehensive information about their SSD drives and take timely action if any problems are detected.”
ssd-life.com
About 3% of users remove it
www.Toolwiz.com
About 1% of users remove it
 
Powered by Should I Remove It?

The file crystaldiskinfo6_2_1-en.exe has been seen being distributed by the following 23 URLs.

https://www.dropbox.com/s/.../CrystalDiskInfo6_2_1-en.exe

http://download.heise.de/software/165b5a0e9f38889186e3ed6651c5ad15/543ec051/.../crystaldiskinfo6_2_1-en.exe

http://54.187.69.3/.../2788-CrystalDiskInfo6_2_1-en.exe

Remove crystaldiskinfo6_2_1-en.exe - Powered by Reason Core Security