avenged_sevenfold_discography.exe

OOO

The application avenged_sevenfold_discography.exe by OOO has been detected as adware by 23 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The installer uses the OpenCandy monetization platform, which will download and install offers in the setup for potentially unwanted software, including ad/search-supported toolbars. The file has been seen being downloaded from downlite.net and multiple other hosts.
Publisher:
OOO   (signed and verified)

MD5:
e9e5059dd650966744ac2eece2db9b28

SHA-1:
ad6daa38834f7a81dbc11b100cfb82388e685f8a

SHA-256:
1b28f229e94ce2f1e8fc7ea4cd008f319d6a88bf7e69e197ddfb2b44dd5ad3bb

Scanner detections:
23 / 68

Status:
Adware

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
4/25/2024 6:22:14 PM UTC  (today)

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | PUA.Lyckriks | 7.1.1 |
| AhnLab V3 Security | Adware/Win32.Lyckriks | 2014.01.12 |
| avast! | NSIS:Adware-LK [PUP] | 2014.9-131224 |
| Bkav FE | W32.Clod108.Trojan | 1.3.0.4613 |
| Comodo Security | Heur.Suspicious | 17598 |
| Dr.Web | Adware.Downware.1329 | 9.0.1.0358 |
| ESET NOD32 | | 7.9279 |
| Fortinet FortiGate | Adware/Lyckriks | 12/24/2013 |
| F-Prot | W32/OpenCandy.A | v6.4.7.1.166 |
| K7 AntiVirus | Unwanted-Program | 13.175.10814 |
| Kaspersky | not-a-virus:AdWare.Win32.Lyckriks | 14.0.0.4573 |
| Malwarebytes | PUP.Optional.OpenCandy | v2013.12.24.07 |
| McAfee | Artemis!E9E5059DD650 | 5600.7272 |
| NANO AntiVirus | Trojan.Win32..cjeild | 0.28.0.57029 |
| Norman | Suspicious_Gen4.EMXWK | 11.20131224 |
| Quick Heal | AdWare.Lyckriks.cw (Not a Virus) | 1.14.12.00 |
| Reason Heuristics | PUP.OOO.DD | 14.2.21.1 |
| Rising Antivirus | PE:PUF.OpenCandy!1.9DE5 | 23.00.65.131222 |
| Sophos | OpenCandy | 4.96 |
| Trend Micro House Call | TROJ_SPNR.08JK13 | 7.2.358 |
| Trend Micro | TROJ_SPNR.09H113 | 10.465.24 |
| Vba32 AntiVirus | AdWare.Lyckriks | 3.12.24.3 |
| VIPRE Antivirus | Adware.Privitize | 25350 |

File size:
5.5 MB (5,792,936 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\avenged_sevenfold_discography.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
8/2/2012 12:00:00 AM

Valid to:
8/2/2015 11:59:59 PM

Subject:
CN="OOO ""Industry""", O="OOO ""Industry""", STREET="Vsevolzhsky 2, bld. 2", L=Moscow, S=Moscow, PostalCode=119034, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D139BDA20096871840DCE08E6A80B6F0

File PE Metadata
Compilation timestamp:
12/5/2009 10:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:ku9EzzqEKn7QSNak6VyhDLYnWO2XJ4tpx69BIMYMqjO97vbNnLltx:tkOEKsniMn92Xitpx6DzYMSCvbNhf

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file avenged_sevenfold_discography.exe has been seen being distributed by the following 50 URLs.

