kantaris_0.7.7_rus_setup.exe

Kantaris

Christofer Persson

The application kantaris_0.7.7_rus_setup.exe, “Kantaris Setup”, has been detected as a potentially unwanted program by 2 anti-malware scanners. The program is a setup application that uses the Inno Setup installer; however, the file is not signed with an Authenticode signature from a trusted source. The installer uses the OpenCandy monetization platform, which will download and install offers in the setup for potentially unwanted software, including ad/search-supported toolbars.
Publisher:
Christofer Persson

Product:
Kantaris

Description:
Kantaris Setup

MD5:
ef1e49172f2a685c5b5a7c3ccd2113db

SHA-1:
30be86bdc92bd56b0c615172a03615d0fb5e1a6a

SHA-256:
61964265cad0a5971e042b81ae785262c2616304a29f7ef5bb9a6904957adb9c

Scanner detections:
2 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
11/27/2024 3:52:57 AM UTC

Scan engine
Detection
Engine version

ESET NOD32
8.9574

Reason Heuristics
PUP.OpenCandy.Installer (L)
16.11.29.13

File size:
16.8 MB (17,563,967 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

File PE Metadata
Compilation timestamp:
3/17/2011 5:22:54 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:2Gwomie7SR2IGcNA/Wd5D4uS172Tn31TYW/jIbzgTM:2GVmaR2IGn/WvD4uUOlPrQzgTM

Entry address:
0x16478

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, B0, 52, 41, 00, E8, AC, 03, FF, FF, 33, C0, 55, 68, 45, 6B, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 01, 6B, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, 4E, EC, FF, FF, E8, F5, E7, FF, FF, 8D, 55, EC, 33, C0, E8, 7F, 84, FF, FF, 8B, 55, EC, B8, AC, D6, 41, 00, E8, E2, E9, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, AC, D6, 41, 00, B2, 01...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
84 KB (86,016 bytes)

The file kantaris_0.7.7_rus_setup.exe has been seen being distributed by the following 30 URLs.

