crystaldiskmark3_0_3b-en.exe

CrystalDiskMark 3.0.3b

Noriyuki MIYAZAKI

The application crystaldiskmark3_0_3b-en.exe, “CrystalDiskMark Setup” by Noriyuki MIYAZAKI, has been detected as a potentially unwanted program by 4 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. The installer uses the OpenCandy monetization platform, which will download and install offers in the setup for potentially unwanted software, including ad/search-supported toolbars. The file has been seen being downloaded from download.softpedia.ro and multiple other hosts.
Publisher:
Crystal Dew World (signed by Noriyuki MIYAZAKI)

Product:
CrystalDiskMark 3.0.3b

Description:
CrystalDiskMark Setup

Version:
3.0.3b

MD5:
cd4abab9bcdd3eb78917d50bc51c7134

SHA-1:
11e6d97324e12854896e1dd7283a9964be51e04e

SHA-256:
c124357189899324dbdad0529912d352f7fc9c1d2fb2ad6cd6f436563de113c8

Scanner detections:
4 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
4/25/2024 1:30:26 PM UTC

Scan engine
Detection
Engine version

ESET NOD32
8.9666

NANO AntiVirus
Trojan.Win32.OpenCandy.cuegqe
0.28.0.59048

Reason Heuristics
PUP.OpenCandy.Installer (L)
16.11.29.16

Trend Micro House Call
TROJ_GEN.F47V0405
7.2.102

File size:
1.6 MB (1,659,040 bytes)

Product version:
3.0.3b

Copyright:
Crystal Dew World

File type:
Executable application (Win32 EXE)

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
2/5/2013 5:53:40 PM

Valid to:
2/6/2016 5:53:40 PM

Subject:
CN=Noriyuki MIYAZAKI, C=JP

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121D6683A851E981F3776DC28605DC830EF

File PE Metadata
Compilation timestamp:
10/13/2013 12:19:32 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:QQjszRr4n6X+Ys3maanjxDKS3Xta+Cwj4e:GRr66o3mBnjxDKVZw/

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file crystaldiskmark3_0_3b-en.exe has been seen being distributed by the following 13 URLs.

http://download.softpedia.ro/dl/3e882cb2127488126379ee049cd2c2b2/543f9dfc/100070870/software/.../CrystalDiskMark3_0_3b-en.exe
