daemontoolsultra300-0309.exe

DAEMON Tools Ultra

Disc Soft Ltd

The application daemontoolsultra300-0309.exe, “DAEMON Tools Ultra Setup” by Disc Soft, has been detected as a potentially unwanted program by 9 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The installer uses the OpenCandy monetization platform, which will download and install offers in the setup for potentially unwanted software, including ad/search-supported toolbars. The file has been seen being downloaded from mirror19.soft24.com and multiple other hosts.

Publisher:
Disc Soft Ltd  (signed and verified)

Product:
DAEMON Tools Ultra

Description:
DAEMON Tools Ultra Setup

Version:
3.0.0.0309.0

MD5:
fd1be9d09fe67174dfa4c8bafabe9698

SHA-1:
2a056ee98778ecdc813eb34a099740862355798a

SHA-256:
a7901552133cdb67f7874fd3821e6734ed059716dbc68c236bd517cadf1d4519

Scanner detections:
9 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
12/25/2024 1:24:52 PM UTC  (today)

Scan engine | Detection | Engine version
Agnitum Outpost | Riskware.Agent | 7.1.1
ESET NOD32 | Win32/DownWare | 8.10897
Fortinet FortiGate | Riskware/OpenCandy | 12/18/2014
G Data | NSIS.Application.OpenCandy | 14.12.24
Malwarebytes | PUP.Optional.OpenCandy | v2014.12.18.02
McAfee | Artemis!FD1BE9D09FE6 | 5600.6912
Qihoo 360 Security | Malware.QVM39.Gen | 1.0.0.1015
Reason Heuristics | PUP.OpenCandy (M) | 16.12.2.9
Trend Micro House Call | Suspicious_GEN.F47V1215 | 7.2.352

File size:
12 MB (12,547,616 bytes)

Product version:
3.0.0.0309.0

Copyright:
Copyright (C) 2004-2014

Original file name:
DAEMON Tools Ultra3.0.0.0309.exe

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\programs\daemontoolsultra300-0309.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
2/21/2014 4:58:31 PM

Valid to:
5/30/2015 5:52:02 PM

Subject:
E=finpr@disc-soft.com, CN=Disc Soft Ltd, O=Disc Soft Ltd, L=Belize city, S=Belize, C=BZ

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121352E0B2023D1A751886DCBE97D37795E

File PE Metadata
Compilation timestamp:
4/10/2010 12:19:31 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:yoBvPoPkqIcyFEfyQsmkMNSjxvPKfdf6VeTBfv2ZKx0BROi/qoCmPuZGoxlwB/Ck:yNPxOCfsmk/vPKVSVkfeZWu/YmolAbVR

Entry address:
0x354B

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 84, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, B0, 82, 40, 00, 6A, 08, A3, 98, 06, 47, 00, E8, 67, 27, 00, 00, 55, 68, B4, 02, 00, 00, A3, B0, 05, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 86, 40, 00, FF, 15, 80, 81, 40, 00, 68, 04, 86, 40, 00, 68, A0, 85, 46, 00, E8, 35, 26, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 10, 4C, 00, 57, E8, 23, 26, 00, 00...
 

Entropy:
7.9998

Packer / compiler:
Nullsoft install system v2.x

Code size:
25 KB (25,600 bytes)

The file daemontoolsultra300-0309.exe has been seen being distributed by the following 50 URLs.

Latest 30 of 123 download URLs
