home

OpenKeywordC.exe

OpenKeywordC

Maroin Co., Ltd

The application OpenKeywordC.exe by Maroin Co. has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
TGSM  (signed by Maroin Co., Ltd)

Product:
OpenKeywordC

Version:
2.0.0.2

MD5:
c1bb7c5cbb10e793ae8c87b9ab30522e

SHA-1:
e093c0b6c11a1742c02d840a2a5eba43952568eb

SHA-256:
af904180389579cd6e0ad5e364284ca3e26d42572729732fbfaf5b830f8a76d9

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/25/2024 8:20:14 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.MaroinCo (M)
16.2.4.17

File size:
823 KB (842,712 bytes)

Product version:
2.0.0.2

Copyright:
TGSM. All rights reserved.

Original file name:
OpenKeywordC.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\openkeyword\openkeywordc.exe

Digital Signature
Signed by:
Maroin Co., Ltd

Authority:
Thawte, Inc.

Valid from:
1/14/2013 9:00:00 AM

Valid to:
1/15/2014 8:59:59 AM

Subject:
CN="Maroin Co., Ltd", OU=Dev Team, O="Maroin Co., Ltd", L=Haeundae-gu, S=Busan, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
45D35AE0597265A616314A55E3EBE91B

File PE Metadata
Compilation timestamp:
3/29/2013 11:14:28 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:eO4t3G1oDZ4Uo4nvWNTuTLnVgH4Vwz/V:eO4PDZ4Uo4eNTuPnTVwz

Entry address:
0x31F0B

Entry point:
E8, 0F, A0, 00, 00, E9, 78, FE, FF, FF, 33, C0, 38, 05, 3C, 20, 49, 00, 75, 1B, 50, 6A, 01, 50, 50, 50, C6, 05, 3C, 20, 49, 00, 01, E8, F8, 19, FE, FF, 50, E8, 7E, A0, 00, 00, 83, C4, 18, C3, 6A, 01, 33, C0, 6A, 01, 50, 50, 50, E8, E0, 19, FE, FF, 83, C4, 14, C3, 75, 01, C3, 55, 8B, EC, 83, EC, 00, 50, 52, 53, 56, 57, 6A, 00, FF, 75, 04, E8, 23, A3, 00, 00, 59, 59, 5F, 5E, 5B, 5A, 58, 8B, E5, 5D, C3, 8B, FF, 55, 8B, EC, 51, 51, 53, 56, 8B, F2, 33, DB, 39, 1E, 8B, D1, 89, 55, F8, 89, 5D, FC, 7E, 3F, 57, BF...
 
[+]

Entropy:
5.4931

Code size:
446 KB (456,704 bytes)

Remove OpenKeywordC.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.