downloadxpro.exe

DownloadX ActiveX Download Control 1.6

Software Development

The application downloadxpro.exe, “DownloadX ActiveX Download Control 1.6 Setup ” by Software Development has been detected as a potentially unwanted program by 39 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The installer uses the OpenCandy monitzation platform which will donwload and install offers in the setup for potentially unwanted software including ad/search-supported toolbars.
Publisher:
DownloadXCtrl.com   (signed by Software Development)

Product:
DownloadX ActiveX Download Control 1.6

Description:
DownloadX ActiveX Download Control 1.6 Setup

Version:
1.6.8.0

MD5:
13e3a15a289e301c64620b908c2a674c

SHA-1:
6d323343b5c5938ff1d8297f1d301180da188809

SHA-256:
0b20898a5279cc7dc1a28aa490b2ee4cac6fb21e051e7736c02d98384aace97e

Scanner detections:
39 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
11/24/2024 6:40:00 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Win32.Parite.B
5760508

Agnitum Outpost
Win32.Parite.B
7.1.1

AhnLab V3 Security
Win32/Parite
2015.10.25

Avira AntiVirus
W32/Parite
7.11.30.172

Arcabit
Win32.Parite.B
1.0.0.585

avast!
Parite
151022-0

AVG
Win32/Parite
2015.0.4355

Baidu Antivirus
Virus.Win32.Parite.$b
4.0.3.151025

Bitdefender
Win32.Parite.B
1.0.20.1490

Bkav FE
W32.Pinfi.B
1.3.0.7383

Clam AntiVirus
Heuristics.W32.Parite.B
0.98/21003

Comodo Security
Virus.Win32.Parite.gen
23468

Dr.Web
Win32.Parite.2
9.0.1.05190

Emsisoft Anti-Malware
Win32.Parite
10.0.0.5366

ESET NOD32
Win32/Parite.B virus
7.0.302.0

Fortinet FortiGate
Riskware/OpenCandy
10/22/2015

F-Prot
W32/Parite.B
4.6.5.141

F-Secure
Win32.Parite.B
5.14.151

G Data
Win32.Parite
15.10.25

IKARUS anti.virus
Virus.Parite
t3scan.1.9.5.0

K7 AntiVirus
Virus
13.212.17638

Kaspersky
Virus.Win32.Parite
15.0.0.562

McAfee
Virus.W32/Pate.b
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.209.158.0

MicroWorld eScan
Win32.Parite.B
16.0.0.894

NANO AntiVirus
Trojan.Win32.OpenCandy.cufxmc
0.30.0.65070

Norman
Win32.Parite.B
03.12.2014 13:20:04

nProtect
Virus/W32.Parite.C
15.10.23.01

Panda Antivirus
W32/Parite.B
15.10.25.12

Quick Heal
W32.Perite.A
10.15.14.00

Rising Antivirus
PE:Virus.Parite!1.9B80[F1]
23.00.65.151023

Sophos
Virus 'W32/Parite-B'
5.20

Total Defense
Win32/Pinfi.A
37.1.62.1

Trend Micro House Call
Suspicious_GEN.F47V1219
7.2.295

Trend Micro
PE_PARITE.A
10.465.25

Vba32 AntiVirus
Virus.Win32.Parite.b
3.12.26.4

VIPRE Antivirus
Threat.46249
44732

ViRobot
Win32.Parite.A[h]
2014.3.20.0

Zillya! Antivirus
Virus.Parite.Win32.9
2.0.0.2471

File size:
14.8 MB (15,548,888 bytes)

Product version:
1.6.8.0

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Documents and Settings\{user}\My documents\downloads\downloadxpro.exe

Digital Signature
Authority:
Unizeto Technologies S.A.

Valid from:
11/25/2013 2:44:12 PM

Valid to:
11/25/2014 2:44:12 PM

Subject:
E=info@downloadxctrl.com, CN=DownloadXCtrl.com, OU=Software Development, O=Software Development, C=HR

Issuer:
CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
7EB2C518630B09F497BC4F2C845F248D

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:tmgmp7uQP4u18+8oIumXxxBLSIHzYzARQkUlAKvztsb:txXQgu12umXzBnHGoJ4zub

Entry address:
0x14000

Entry point:
90, 90, 68, 68, EC, 96, 05, 59, BF, 1E, 40, 41, 00, 68, 98, 05, 00, 00, 5A, 90, 90, 31, 0C, 3A, 90, 83, EA, 03, 4A, 90, 90, 75, F4, 90, 80, 91, 97, 05, 68, EC, 96, 05, 68, EC, D6, 05, 90, 49, 96, 05, 58, 67, 7C, 05, B0, 7D, 7C, 05, 68, 5C, 94, 05, 97, 13, 69, FA, DC, 3C, D6, 05, 0C, 3E, D6, 05, 14, 3E, D6, 05, 68, EC, 96, 05, 68, EC, 96, 05, 68, EC, 96, 05, DC, 4A, 96, 05, 0A, 3E, 96, 05, 12, 3E, 96, 05, 68, EC, 96, 05, 68, EC, 96, 05, 68, EC, 96, 05, 68, EC, 96, 05, 74, 3D, D6, 05, 68, EC, 96, 05, 68, EC...
 
[+]

Entropy:
7.9998  (probably packed)

Code size:
39.5 KB (40,448 bytes)

Remove downloadxpro.exe - Powered by Reason Core Security