dm319g.exe

OpenCandy

The application dm319g.exe by OpenCandy has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It uses the OpenCandy monetization platform, which will download and install offers in the setup for potentially unwanted software, including ad/search-supported toolbars.
Publisher:
OpenCandy  (signed and verified)

MD5:
af080cffd262a00fb05b98d6ab87f7f0

SHA-1:
152a1ff75f92b7f21c5e7492a443548bd09fcf88

SHA-256:
ed70e7c8a20848e02d59965227ee6b7c093907c61165e2bd35d4989d8823a9b0

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
12/25/2024 1:38:51 AM UTC

Scan engine
Detection
Engine version

Reason Heuristics
PUP.OpenCandy (M)
17.1.28.18

File size:
300.5 KB (307,672 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\opencandy\3710a107d5e34624b1c42a976ee6a2de\dm319g.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
8/26/2014 8:00:00 AM

Valid to:
8/27/2015 7:59:59 AM

Subject:
CN=OpenCandy, O=OpenCandy, STREET="510 Market St #301", L=San Diego, S=CA, PostalCode=92101, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
5AA7E515112EAEB906A3ABD37394DAD6

File PE Metadata
Compilation timestamp:
10/20/2014 1:13:34 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0xBADE0

Entry point:
39, 11, F8, 2A, B1, 9B, B0, 1A, C3, 8E, EB, 59, 96, 00, AD, CE, 0C, 4D, B2, D0, 31, A6, 08, 5C, 2A, 7A, FC, E2, 7A, 1D, 57, 4C, A8, 65, 18, E9, 79, 40, 62, 25, 96, 6E, C7, C7, 37, 6A, 83, 21, 08, 8E, 41, EA, DD, D9, 57, 3F, 1D, 77, 49, 87, 2A, 16, 06, 5E, A6, 38, 6A, 22, 12, A3, 51, 19, 83, 7E, B6, 30, 82, 04, A3, 30, 82, 03, 8B, A0, 03, 02, 01, 02, 02, 10, 0E, CF, F4, 38, C8, FE, BF, 35, 6E, 04, D8, 6A, 98, 1B, 1A, 50, 30, 0D, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 01, 05, 05, 00, 30, 5E, 31, 0B, 30, 09, 06...
 

Entropy:
7.6161

Code size:
248 KB (253,952 bytes)
