windows-movie-maker-2.6.4037.0.exe

Windows Movie Maker

Innovative Systems LLC

The application windows-movie-maker-2.6.4037.0.exe by Innovative Systems has been detected as adware by 22 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The installer uses the OpenCandy monitzation platform which will donwload and install offers in the setup for potentially unwanted software including ad/search-supported toolbars. It is also typically executed from an Internet Explorer cache folder. The file has been seen being downloaded from windows-movie-maker.joydownload.com and multiple other hosts.
Publisher:
Innovative Systems LLC  (signed and verified)

Product:
Windows Movie Maker

Version:
1.0.0.0

MD5:
27cca913f5a5a9b8e722f57e12a908e4

SHA-1:
6f174f0626e6e79156eaa06ccc314c528772c7ea

SHA-256:
1b24de6ffb09861d66162a85cb68e6d9694449d603995f66e82f9e0db1dc9fb7

Scanner detections:
22 / 68

Status:
Adware

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
12/2/2024 3:23:39 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.Agent
7.1.1

AhnLab V3 Security
PUP/Win32.OpenCandy
2014.11.21

Avira AntiVirus
APPL/Downloader.Gen
7.11.187.220

avast!
Win32:Adware-gen [Adw]
2014.9-141124

AVG
OpenCandy
2015.0.3280

Baidu Antivirus
Adware.Win32.OpenCandy
4.0.3.141124

Clam AntiVirus
Win.Trojan.Agent-803351
0.98/21511

Comodo Security
Application.Win32.OpenCandy.~WD
18430

Dr.Web
Adware.OpenCandy.55
9.0.1.0328

ESET NOD32
Win32/JoyDownloader
8.10756

G Data
Win32.Adware.OpenCandy
14.11.24

IKARUS anti.virus
PUA.JoyDownloader
t3scan.1.7.5.0

K7 AntiVirus
Adware
13.183.13286

Malwarebytes
PUP.Optional.OpenCandy
v2014.11.24.05

McAfee
Artemis!27CCA913F5A5
5600.6936

Qihoo 360 Security
Win32/Virus.Downloader.086
1.0.0.1015

Reason Heuristics
PUP.InnovativeSystems.BB
14.11.24.17

Rising Antivirus
PE:Trojan.Win32.Generic.17821AF4!394402548
23.00.65.141122

Sophos
OpenCandy
4.98

Trend Micro House Call
Suspicious_GEN.F47V1115
7.2.328

VIPRE Antivirus
Trojan.Win32.Generic
29922

ViRobot
Adware.AppDownloader.508384.A
2011.4.7.4223

File size:
496.4 KB (508,320 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\windows-movie-maker-2.6.4037.0.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
9/19/2014 2:00:00 AM

Valid to:
9/20/2015 1:59:59 AM

Subject:
CN=Innovative Systems LLC, O=Innovative Systems LLC, L=Dnepropetrovsk, S=Dnepropetrovska, C=UA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
09A91C40EAE34E72CD975B0B218AE4BA

File PE Metadata
Compilation timestamp:
5/20/2013 1:52:48 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:/Q1tMDayONWMmSNHi6C/adoCNa7oSGeVl9Fdb0dI:Y1tMDaVcM5pCydoCNaU0BTb0I

Entry address:
0x331F

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, 30, 92, 40, 00, 89, 6C, 24, 14, FF, 15, 34, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, BC, 70, 40, 00, 55, FF, 15, AC, 72, 40, 00, 6A, 08, A3, D8, 7A, 7A, 00, E8, A8, 2E, 00, 00, A3, 24, 7A, 7A, 00, 55, 8D, 44, 24, 34, 68, B4, 02, 00, 00, 50, 55, 68, D0, EE, 79, 00, FF, 15, 7C, 71, 40, 00, 68, 7C, 93, 40, 00, 68, 20, 6A, 7A, 00, E8, 13, 2B, 00, 00, FF, 15, 34, 71, 40, 00, BB, 00, 20, 7B, 00, 50, 53, E8, 01, 2B, 00, 00...
 
[+]

Entropy:
7.8505

Packer / compiler:
Nullsoft install system v2.x

Code size:
24 KB (24,576 bytes)

The file windows-movie-maker-2.6.4037.0.exe has been seen being distributed by the following 36 URLs.

http://windows-movie-maker.joydownload.com/get_azure_file/wUiS4WnYccXEwj /TeqjC1c0kw48PjymHxH0adrRtuh152b0sCsrn8kFdE3mY/j2PXmunxdKOSCGHOO1X xpl Ynh9SWRAaS9T2 VRLlszi1jv/.../zGDU2nsEj7Cn SGjaSr5W2oOlJTxEYrg4PRkdOOz9UnBtLpeScwkpz6vnFiw3P9yshbJyTXTn7RyWyeIxVcnoMt scXdC28G GvckgUhduJr2zlL7ZLg1zni0CIxX682pRnDgsZGCkW8qYbxRE9thbSphounkFxhrnBKxxdYHGS3hDB n tmkm15sezCYqmFX19jaOmDvHB J1708dF vk3iCGVdkMi8dBZrk

http://windows-movie-maker.joydownload.com/get_azure_file/wUiS4WnYccXGwj 8XPavWwllklQyNSrgQUamP5uQqL5pqzyrvzUjkI5MMEX5bqX4P3C73lRGZyvZCeLkErM90e8/mJLIRR6avCX6BlTzuWm0yP/QrtPKxToI4clhyhAACGSsSTR0nck7uXKkDjzeA6EBl4G4YipaOeJnbQoEcKX0XGg/IZrcLVgoiav2Fy8seoXg2q4/.../c67gEw3NTHOumAGmZ3BOzGiREvPieh0Kgjz3zOUXV4nYiNVFprk

http://windows-movie-maker.es.joydownload.com/get_azure_file/wUiS4WnYccXEwj /TeqjC1c0kw48PjymEBj0ZNvUvOh152b0sDErn8kFbk3lYqn O2G3g15bOHHPQr21E w9wrIjzsSXFUjV7SS7Bkf9qnqtgLbbrdPK1zofs55ziVBIRnOuAjZ0hshq9CjwSCPAFK5Xi83kPSUCYbAwLwoEcKXxXGgpJ5Kac1kwh LuECw3fITg2q4/.../UlK04Ie5mEl8a2 Z6TFBn8vYc3iqT1OCy h0Kgj33zOQXVRhNj0cBZrk

http://windows-movie-maker.joydownload.com/get_azure_file/wUiS4WnYccXBwj zXP7oQkEsml0kPTy1E1v4Y9bB87pi/269qG142d4HJU/merC/NXG20hAcIGjPEeitCrQlyPpqx8yPR1XF7SS7BkP9qn62gvfRvNKbm2VBs8Nv3wEXFmSsSTR3ntEt/.../5HhSflfhhbxz01SLQGgorPDIKBZrk

http://windows-movie-maker.joydownload.com/get_azure_file/wUiS4WnYccXBwj qXP7oQkEsnV0kOjGuGhjga5/Zsekkuzyi93p5iNENKU31L Kiayz7g0kFbSXVTvT6Se5igaRi2sCDAwyS DH4EhO/7Wm0yP/XpMuOzj8f9NciiBZIVny1Dj9nn4Aj/SHoAzrNUrcfwsXrJTUDerJxJRsFIemuAmh0O8TLLAknhansEzQuO4/02/9gRinj8A/dl6ZmBZa8dsGmaXFZ3Mr F gklQ9BtMu90QmxK gphSflCc5U5NX8Gie97NbTh3F/.../B9YxC0kTPcRwA0Y2heBZrk

http://windows-movie-maker.joydownload.com/get_azure_file/wUiS4WnYccXGwj 8XPavWwllklQyNSrgQUamP5uQqL5pqzyrvzUjkI5MMEX5bqX4P3C73lRGZyvZCeLkErc90f0k1s3eDQ2b7S7qBwX9uXu1maGI7ZmEwCoO48kiiBZIVX tGHksypd2uWjnBzzfGelBlZa6YnUVY/.../e35eBZrk

http://windows-movie-maker.joydownload.com/get_azure_file/wUiS4WnYccXBwj pXP7oQlssmVx1NTmnEgqmOZ T6bJ/qCeisGMxwdoHJ1WgMeWoYDT/3QkHdDrZBrT2Q B10bIjzsWXFUzIqz3zT0zysmm6gvzTrsvT0mlJq4dvwEdJF3ygACwyzZ19oWy5SGjaSr9W2p64YyUMK7MwJQoNN738FXB9ctyKYgkpz6vlGDQkao6x2 s/HD/l7g6a3u1nR5i/etCqbmNXnMu F/tixkkH5sv3iFLqa6N9ny20CIxX6s2pFSC15oOb2SYjY7xRAt1jbSBk8//6Qlw42wvthoYRUTHjGAvtp5rnwBElICeM7XgfntPVOmD9DQGEyq9tYlv61CXWDA8yb3tYEZrk

http://windows-movie-maker.es.joydownload.com/get_azure_file/wUiS4WnYccXAwj uQbjxCggnkkU3LTPkEh74comb9bp0uHf1 2Jzz9oIKUflYLL4NDC2w15KcTrYCeL ErQ8gLNjztTEXliD9GzyDkzlun tgLbbrdPK0Tofs55ziVBIRnOuAzx1hshq9Cr6UHHNGf8clJaocnVberJxJRkGOb2wDyQrJ4mNO0Z9yvixD3t0I9Cww Z2BG woAyQwKs5RoC2M8isZWNY3tO2XuMglQ9DtNSon1O7ZKlxnT7hWpEJsYD4XiS29cjFh3FxPOMBWIYjP2EnsOGgAxp/.../rFEuq94jvhAUgNGDBsWIc3MvYc3iqT1OCy h0Kgj33zOQXVRhNj0cBZrk

http://windows-movie-maker.joydownload.com/get_azure_file/wUiS4WnYccXBwj qXP7oQkEsnV0kOjGuGhjga5/ZtOM8/zGn4SgumpJLbxv1Y/j2Pnq20hMBbDfTXKq6Repxmux9mZfGUk6D9GzyD0zl4SLrmf6SpNvSg2FPs55ziVZIRjX Xix zcko9WjwWWmLBuUI2syiPTINerw7JxAOIaS0XH51apiXek4wh LuESIvasKrj7lqSSqn7wWJxapxWcPmJYCzbW9awcW9Hu46nwNApd3vhhvybKBn02i0CIxX782pQmvi8JuWkD51L/.../e35eBZrk

http://windows-movie-maker.es.joydownload.com/get_azure_file/wUiS4WnYccXDyCf4UfO5CV530RJ0YyqsWxLzadbB8rpouTq54XUvlJ1XeFq6OeCpfWG3g15bOHHMQr21E/Y9xrNywc UBQyD9GzyCEzl7iLj3ufa7dPblWlZ5sxu1woFF2v6VXgswd50r3CvGH6bXrpCzMfiMCkHdux6egoEcKX1XGggO9zFZRElhrOjS3hxJ8Kxw Z2BGuwoB6LjvQvDpO3YsO8ZDJW3MuvXrBwjRZM54n2zlL7ZLgszni0CIxX7M2pQX37uNKanCYyMekfEdF/.../44JDhzR0gN3rMuXgfntPVOmD9DQGEyq9tYlv61CXWAws0bXxZFJrk

http://windows-movie-maker.il.joydownload.com/get_azure_file/wUiS4WnYccXBwj zXP7oQkEsml0kPTy1E1v4ZtbB47xquTC8sGMxwdkEP0PmerC/NXe20gIBbjaeEKqtG7E90f45mpLCQE MonC VRPq5Srk3rfMrMfej2dLopIug0sXHCO1AX1/l8k7vXKuSGjASr1Xi83jPSVYK6s5bBIIOb2wDyQrJ4mNNBBhhqDkGDRxIcayjbx8SyvmoFGMlv5lDoD6KZz6MDYfwpziW7BxgkBEtt2/n1O7ZKl/hWz/V91Wrc2 SWvsupiSmj4rJLxAT5Z7YCsxu6GtGBBzix 439xWGG/rAAfh9tKknk1wLHmdsmsQ3N/.../B9YxC0kTPcRwA0Y2heBZrk

http://windows-movie-maker.joydownload.com/get_azure_file/wUiS4WnYccXAwj 1RrjxCgghkkVxZmbzR1 xcteQv I253eq ysyl4pHaAW7erC/NXK1ykYfaz3YRK7kBehoheA12ZvMXFnT7SS7BkD9qi73y6yT 8vTyGlKpZQ4hFVKVHSjAX1/l8k7uHKuSGjaSrlW2sLoPz8GerJxJRwFIfmuCi9tc43EJR8onua9THJ6P8bvjLJzVzyn7wuUyb1xBoy7bsaubHZC39/oVbw2lF4f74LvyRzqZel/lia0At1Wrc29SWu/7M3Ez24ybPVJR44vPX4xu6GtHhBzzU/kxdYdGS3qRQfwqYiknls3NTHOvWAG2NDaMnK6TgLXi/.../e3hbBZrk

http://windows-movie-maker.es.joydownload.com/get_azure_file/wUiS4WnYccXGwj 8XPavWwllklQyNSrgQUamP5uQqL5pqzyrvzUjkI5MMEX5bqX4P3C73lRGZyvZCeLkErY90eA5kNSWRAaT9T36CFT8 3G8geeS943KmjpBoJ5ziVNIRiD4Vmog1tEivSH4UHGdQa5Xi83nPSVSIPlrbU0dOPb9V35 f83HJhglhaqnGCUvasOrhf8 TWO/.../Mz4SXjjoZCCkW8qZLxRBd1pK3RguuetDx9ohxSwxdYHGS3hDB n tmkm15sezCYqmFX19jaOmDvHB J1708dF vk3iCGVdkMi8dBZrk

http://windows-movie-maker.il.joydownload.com/get_azure_file/wUiS4WnYccXBwj pXP7oQlssmVx1NTutCl6rNM7Y9ukz53f7q2B6yskFbk3kYqmlZieuyxdSMGmeGe21E/Y9xbNykY7dXk7E7SShBkfzuXy4g/XSqtrT0mlIq4dw2gFQXzWtDzRnkcog/CvoUSCTQbxW2pO4dHdbOfB3bUQdOOz9V3N1aomXeE99y L5T3ljIdDvjLxuWyuouRnFmvV Us3hJJfsfXof1cO3D 0ljRZW54r3nxy8fKE2nS2sEc5P5YSxQXP77NKCkW8qYLxRAt1jbSBk8/.../5HhSflfhhbxz01SLQGgorPDIKBZrk

http://windows-movie-maker.joydownload.com/get_azure_file/wUiS4WnYccXBwj sXP7oQkEsnV0kOjGvEBnga5/ZtukktDyqsGMxwdkEP0XjerC/NXC20hcBZnGHQuOmE/Y9xbNykY7dXk7E7SShBkfzuXy jffRqd7T0mlJq4d0x0dJF3ymACx0hshq9Cr6UHHNGf8clJaocnVberJxJRkGOb2wDyQrJ4mNO0Z9yvixD3t0I9Cww Z2BGqwoBqWyO1nR5i4etCrZnhe39O2XuMglQ9DtNSon1O7ZKlxnT7hWpEJsYD4XiS29cjFh3FxPOMBWIYjP2EnsOGgAxp/.../e35eBZrk

http://windows-movie-maker.joydownload.com/get_azure_file/wUiS4WnYccXBwj qXP7oQkEsnV0kOjGuGhjga5/ZtukkrjyqsGMrwdoFbk3hYqmpdzPlggFKOTqGGu2mELQzwLpizM3eDQib7XmhUBPlszi1iPHbvJ6BzzcU5tYt3goEDSO6V28uwYE0/DX8RGeZQ7tCyNm0f2IVY/o4KRIdZfCrAi89asWNLBkonqXlAC1mcob4w6tsWnux8VDKlu1pDZq1cdClLHtf1dPkRL02lF4f74Lvj1zqZel/.../B9YxC0kTPcRwA0Y2heBZrk

http://windows-movie-maker.joydownload.com/get_azure_file/wUiS4WnYccXBwj pXP7oQlssmVx1NTutClirNM7Y9ukz53f7q2Fwy8kFbk3lYqm4e2G3g15ZOHGNCeLkErY90eA5kNSWRAaT9T36CFT8 3G9geeO7cvT0mlMq4d32gsWCzHkGDU2nscj7H2jBjaLS/9Wy8PrJXBeNu1taFsSbvCxDy9iJZ Vc1k/jr/.../YaB9EvMiYpseamFRtgjxS319YHGS3hDB n tmkm15sezCYqmFX19jaOmDvHB J1708dF vk3iCGVdkMi8dBZrk

http://windows-movie-maker.es.joydownload.com/get_azure_file/wUiS4WnYccXEwj 8WvauHEA0kxQ8PTK1HBnga5/ZtukkqzyqsGMxwd4EP0LuYLP9LXj/ylBSIDXVR7y1E/Y9wL1q1oHEWVjOuGzlURmx4S6i1qSK 5vFk31Nv5EwgFJcVGjyQmtnn4Aj/CHoHieLS/9Wyc3zNiUMK7MzLxIdZ/.../OW0o8 ikFwg410Ki3J5OESbzBAnhqNnuxQU3YTHWsyke2tPBdyv2ER6ay h0Kgjz3zOUXV4nYiNVFprk

Latest 30 of 36 download URLs

Remove windows-movie-maker-2.6.4037.0.exe - Powered by Reason Core Security