orbit.downloader.4.1.1.19.portable.rar
The file orbit.downloader.4.1.1.19.portable.rar has been detected as a potentially unwanted program by 18 anti-malware scanners. It uses the OpenCandy monitzation platform which will donwload and install offers in the setup for potentially unwanted software including ad/search-supported toolbars. The file has been seen being downloaded from cfile28.uf.tistory.com.
File name:
orbit.downloader.4.1.1.19.portable.rar
MD5:
e3d678a291ee1c42e66aafbf56d9d2f6
SHA-1:
36bb712861a3c0ed452883c8b85cc106e6410bd1
SHA-256:
c11cf8f38be56a3920900a92b2c5683f97e41f5fe72712c628e203490d411f91
Scanner detections:
18 / 68
Status:
Potentially unwanted
Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).
Analysis date:
3/11/2025 6:04:19 AM UTC (today)
Scan engine
Detection
Engine version
Agnitum Outpost
Riskware.OpenCandy
7.1.1
Baidu Antivirus
PUA.Win32.Downloader
4.0.3.151124
Bkav FE
W32.HfsAdware
1.3.0.7383
ESET NOD32
Win32/OpenCandy potentially unsafe application
7.0.302.0
G Data
Win32.Application.OpenCandy
15.11.25
K7 AntiVirus
Unwanted-Program
13.211.17622
Kaspersky
Trojan-DDoS.Win32.OrboDDoS
15.0.0.562
Malwarebytes
PUP.Optional.OpenCandy
v2015.11.24.06
NANO AntiVirus
Trojan.Win32.OpenCandy.dwzazk
0.30.26.3947
Panda Antivirus
PUP/Multitoolbar
15.11.24.06
Quick Heal
NetTool.GushUnleashed.r4 (Not a Virus)
11.15.14.00
Rising Antivirus
PE:PUF.OpenCandy!1.9DE5[F1]
23.00.65.151122
Sophos
PUA 'OpenCandy'
5.15
Trend Micro House Call
ADW_OPENCANDY
7.2.328
Trend Micro
ADW_OPENCANDY
10.465.24
Vba32 AntiVirus
TrojanDDoS.OrboDDoS
3.12.26.4
VIPRE Antivirus
InstallCore
44756
File size:
5.9 MB (6,218,862 bytes)
Common path:
C:\users\{user}\downloads\orbit.downloader.4.1.1.19.portable.rar
The file orbit.downloader.4.1.1.19.portable.rar has been seen being distributed by the following URL.