dm319g.exe

OpenCandy

The application dm319g.exe by OpenCandy has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It uses the OpenCandy monetization platform, which will download and install offers in the setup for potentially unwanted software, including ad/search-supported toolbars.
Publisher:
OpenCandy  (signed and verified)

MD5:
5a5e6d0b3ca6ba9f6dc276690a34e6e9

SHA-1:
b4596c0f713f708599baebf4c0f0f925f11d648f

SHA-256:
47997808cabc76d4e1baa3873e0157bb58d6196b6e1a17fd0137031fe9c3a0f7

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
12/25/2024 1:49:40 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.OpenCandy (M)
16.8.22.21

File size:
300.5 KB (307,672 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\opencandy\2bb40a80d51147a1b74fd501c700a5db\dm319g.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
8/26/2014 7:00:00 AM

Valid to:
8/27/2015 6:59:59 AM

Subject:
CN=OpenCandy, O=OpenCandy, STREET="510 Market St #301", L=San Diego, S=CA, PostalCode=92101, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
5AA7E515112EAEB906A3ABD37394DAD6

File PE Metadata
Compilation timestamp:
10/20/2014 12:13:34 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:PsrjXYh+fnh4UObcZWh/1Hfz87S6RyoHxNhLJmDnQ0oSIhvhM:PAjXUmn2bcZSNz87ScRNhLu3oSJ

Entry address:
0xBADE0

Entry point:
65, 6E, 63, 6F, 64, 69, 6E, 67, 3D, 22, 55, 54, 46, 2D, 38, 22, 20, 73, 74, 61, 6E, 64, 61, 6C, 6F, 6E, 65, 3D, 22, 79, 65, 73, 22, 3F, 3E, 0D, 0A, 0D, 0A, 3C, 61, 73, 73, 65, 6D, 62, 6C, 79, 20, 78, 6D, 6C, 6E, 73, 3D, 22, 75, 72, 6E, 3A, 73, 63, 68, 65, 6D, 61, 73, 2D, 6D, 69, 63, 72, 6F, 73, 6F, 66, 74, 2D, 63, 6F, 6D, 3A, 61, 73, 6D, 2E, 76, 31, 22, 20, 6D, 61, 6E, 69, 66, 65, 73, 74, 56, 65, 72, 73, 69, 6F, 6E, 3D, 22, 31, 2E, 30, 22, 3E, 0D, 0A, 0D, 0A, 20, 20, 3C, 61, 73, 73, 65, 6D, 62, 6C, 79, 49...

Code size:
248 KB (253,952 bytes)
