dlm312b.exe

OpenCandy

The application dlm312b.exe by OpenCandy has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It uses the OpenCandy monitzation platform which will donwload and install offers in the setup for potentially unwanted software including ad/search-supported toolbars.
Publisher:
OpenCandy  (signed and verified)

MD5:
23cd8b6a1e9feccdd835a148f67e00d8

SHA-1:
97f64032a9c24434094b5189935d82c8ffd7a631

SHA-256:
bfa9841cf92aba028d2c52925210745183c2181c195e6cf5617d2efd94e9a8c1

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
12/24/2024 11:35:20 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.OpenCandy (M)
17.2.17.20

File size:
300.5 KB (307,672 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\opencandy\22702595bf3049acb3c8dce717a392c1\dlm312b.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
8/26/2014 7:00:00 AM

Valid to:
8/27/2015 6:59:59 AM

Subject:
CN=OpenCandy, O=OpenCandy, STREET="510 Market St #301", L=San Diego, S=CA, PostalCode=92101, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E9AA9CF62D76917409F82A1BEA2A62ED

File PE Metadata
Compilation timestamp:
9/18/2014 5:19:02 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0xBADE0

Entry point:
DD, A6, 22, FE, D4, A3, 2D, FE, C5, A0, 45, FE, C7, A1, 49, FE, C8, A2, 4B, FE, CA, A3, 4E, FE, CB, A4, 51, FE, CC, A6, 53, FE, CE, A7, 55, FE, CF, A9, 58, FE, D0, AA, 5A, FE, D2, AB, 5C, FE, D3, AD, 5E, FE, D5, AE, 60, FE, D6, AF, 62, FE, D7, B1, 64, FE, D8, B2, 66, FE, DA, B4, 68, FE, DB, B5, 6A, FE, DD, B7, 6C, FE, DE, B8, 6E, FE, E0, BA, 70, FE, E1, BB, 72, FE, E3, BD, 74, FE, E4, BE, 75, FE, E2, BC, 73, FE, DA, B4, 67, FE, D1, AB, 5A, FE, C8, A2, 4C, FE, C0, 9A, 3D, FE, B7, 90, 2C, FD, 88, 6B, 15, C0...
 
[+]

Entropy:
7.7626  (probably packed)

Code size:
248 KB (253,952 bytes)

Remove dlm312b.exe - Powered by Reason Core Security