PhotoScape_V3.6.5.exe

PhotoScape

Mooii Tech

The application PhotoScape_V3.6.5.exe by Mooii Tech has been detected as a potentially unwanted program by 3 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. Additionally, the file is typically installed by a number of programs including Pixia by Isao Maruoka and Garena - League of Legends by Garena Online Pte Ltd. The installer uses the OpenCandy monetization platform, which will download and install offers in the setup for potentially unwanted software, including ad/search-supported toolbars.
Publisher:
Mooii (signed by Mooii Tech)

Product:
PhotoScape

Description:
PhotoScape Setup

Version:
V3.6.5

MD5:
369b74993cad72f67723a9c2877bfba3

SHA-1:
057c95466aad91380f7ca08599feddaef90677a0

SHA-256:
c23c261c4e45f4a3cf8742fe1bf16bfbc93bb447aa0ba96db16f231d1a199d65

Scanner detections:
3 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
11/12/2018 5:17:32 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| ESET NOD32 | | 7.9190 |
| Malwarebytes | PUP.Optional.OpenCandy | v2013.11.25.04 |
| Rising Antivirus | PE:PUF.OpenCandy!1.9DE5 | 23.00.65.131208 |

File size:
20.3 MB (21,331,096 bytes)

Copyright:
Copyright (C) 2005-2013 Mooii

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\photoscape_v3.6.5.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
12/11/2011 7:00:00 PM

Valid to:
12/11/2014 6:59:59 PM

Subject:
CN=Mooii Tech, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Mooii Tech, L="Dongnam-gu, Cheonan-si", S=Chungcheongnam-do, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7A726660859B24864C7E2B8B14EC5EA6

File PE Metadata
Compilation timestamp:
4/10/2010 8:19:23 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
393216:buZ2PYorkdPTuaDcWXioqwe27RseRkGktR/TVFmi5FE7s0ekaKEQJkdVmjxelj:bnPlirXDzyoqk1R4R/TVFmi5FE7sXk3O

Entry address:
0x33E9

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, 70, 85, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 80, 40, 00, 55, FF, 15, B0, 82, 40, 00, 6A, 08, A3, 78, 06, 47, 00, E8, 67, 27, 00, 00, 55, 68, B4, 02, 00, 00, A3, 90, 05, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 6C, 85, 40, 00, FF, 15, 80, 81, 40, 00, 68, 54, 85, 40, 00, 68, 80, 85, 46, 00, E8, 35, 26, 00, 00, FF, 15, B0, 80, 40, 00, 50, BF, A0, 10, 4C, 00, 57, E8, 23, 26, 00, 00...

Code size:
25 KB (25,600 bytes)

The file PhotoScape_V3.6.5.exe has been discovered within the following programs.

Garena - League of Legends by Garena Online Pte Ltd.
League of Legends is a multiplayer online battle arena video game where players are formed into two teams of five Champions. League of Legends is a session-based game. Matchmaking creates teams with even average MMR (Matchmaking Rating) of the constituent players.
lol.garena.com
About 1% of users remove it

Pixia by Isao Maruoka
www.pixia.jp
About 9% of users remove it

The file PhotoScape_V3.6.5.exe has been seen being distributed by the following 50 URLs.

Latest 30 of 419 download URLs