» OpenCandy Inc.
Digital Signature
Analysis
Files (28)
Related (7)

OpenCandy Inc.

Publisher Information

OpenCandy Inc. is a software publisher located in San Diego, California in the United States*. The publisher primarily developes software that can be classified as adware. OpenCandy from SweetLabs is an ad-supported platform that allows publishers to include monetized offers in their software installers. Its advertising software module can be incorporated in a Windows/Nullsoft Installer and when a user installs a program that has the OpenCandy library, there is an option to install additional software that it recommends (based on geolocation). These offers are typically web browser toolbars and search extensions. Thre are 12 additional code signing certificates issued to this publisher.

Authority:

COMODO CA Limited

Valid from:

10/13/2014 2:00:00 AM

Valid to:

10/14/2015 1:59:59 AM

Subject:

CN=OpenCandy Inc., O=OpenCandy Inc., STREET="510 Market St #301", L=San Diego, S=CA, PostalCode=92101, C=US

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00bb7b40b95093a55585d1c267c0d46ee3

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.OpenCandy, Threat.OpenCandy, Threat.OpenCandy.Installer, PUP.OpenCandy.Installer, PUP.OpenCandy (M), PUP.OpenCandy.Installer (M)

100.00%

AVG

OpenCandy, AdPlugin, Generic

57.14%

AhnLab V3 Security

PUP/Win32.OpenCandy

42.86%

Dr.Web

Adware.OpenCandy.73, DLOADER.Trojan, Adware.OpenCandy.15, Adware.OpenCandy.56, Adware.OpenCandy.150, Adware.OpenCandy.170

39.29%

herdProtect (fuzzy)

a variant of 7d5729a0c7c000755b40f0c1798aeedfe41926b1, a variant of 9993f095d7013ea4bbd86ce7cdc55834a87303c9, a variant of 443d2470d206b8e384686a43973feafaf8ce8075

35.71%

Malwarebytes

PUP.Optional.OpenCandy

32.14%

ESET NOD32

Win32/OpenCandy (variant), Win32/OpenCandy.E potentially unsafe (variant)

21.43%

VIPRE Antivirus

Opencandy

17.86%

G Data

Win32.Application.OpenCandy, Win32.Adware.OpenCandy

14.29%

Baidu Antivirus

Adware.Win32.OpenCandy

14.29%

1 / 68 (PUP)

ocsetuphlp.dll (Rec Plugin by OpenCandy) (c3ffce0487c33667e4ed0dd311df88de)

1 / 68 (PUP)

du106m.exe (Installation helper by OpenCandy) (14cec3b153f8def81c2f74456b9e925c)

1 / 68 (PUP)

ocsetuphlp.dll (Rec Plugin by OpenCandy) (e47de2dd221bd133d541cf172954ecb1)

1 / 68 (PUP)

ocsetuphlp.dll (Rec Plugin by OpenCandy) (7fa6a4ba8b7319ddff5b103258f8a552)

1 / 68 (PUP)

ocsetuphlp.dll (Rec Plugin by OpenCandy) (7160434f04a8c1a1f43bd27627dcd027)

1 / 68 (PUP)

dh144m.exe (Installation helper by OpenCandy) (2567f426e2779d4c91c4b384e2aa07f4)

1 / 68 (PUP)

dh117m.exe (Installation helper by OpenCandy) (ad25a1fac2b624365aadd1332ae1b48c)

9 / 68 (PUP)

dh222.exe (Installation helper by OpenCandy) (9c7d726ed52f6e867c982bf4361569a0)

1 / 68 (PUP)

ocsetuphlp.dll (Rec Plugin by OpenCandy) (3ae1bd98f7ff8124ba95673a66899355)

1 / 68 (PUP)

dh35.exe (Installation helper by OpenCandy) (600d68f8c91169bc8a4a172df4d14651)

7 / 68 (PUP)

dh29.exe (Installation helper by OpenCandy) (25349f77ac849b24a8fdb09dd99c11c4)

7 / 68 (PUP)

dh23.exe (Installation helper by OpenCandy) (6c79d2609d3019022ac74078ea65a3b0)

1 / 68 (PUP)

dh246.exe (Installation helper by OpenCandy) (7ab6a47063cb606b6412f5423f792fbd)

2 / 68 (PUP)

dh224.exe (Installation helper by OpenCandy) (3166dd4257c10dea37d08c131459282a)

7 / 68 (PUP)

dh143m.exe (Installation helper by OpenCandy) (c7e3b974c020a53afb2fc76063eecabc)

6 / 68 (PUP)

dh210.exe (Installation helper by OpenCandy) (5f08feeb224e3a1e749bc6c822475caa)

5 / 68 (PUP)

dh145m.exe (Installation helper by OpenCandy) (f0cc08c7da21327f217868d8278735d5)

5 / 68 (PUP)

dh136m.exe (Installation helper by OpenCandy) (dd0394954695928bb8cc1a58f9073a07)

7 / 68 (PUP)

dh133m.exe (Installation helper by OpenCandy) (fab686eca349a13bc0a801f59063d31c)

4 / 68 (PUP)

ocsetuphlp.dll (Rec Plugin by OpenCandy) (7160434f04a8c1a1f43bd27627dcd027)

8 / 68 (PUP)

ocsetuphlp.dll (Rec Plugin by OpenCandy) (372ad8b46978a7a5870491adbe5c9833)

3 / 68 (PUP)

dh121m.exe (Installation helper by OpenCandy) (3a57b95f117d75189dec97f83658f3bc)

3 / 68 (PUP)

dh120m.exe (Installation helper by OpenCandy) (d08c87a2f32f4a3265973047af706128)

2 / 68 (PUP)

du115m.exe (Installation helper by OpenCandy) (edc2ca68fda35c1a440d4c94a030f884)

3 / 68 (PUP)

dh119m.exe (Installation helper by OpenCandy) (bdb00b92e1e96452ac4cc951d7cc2d80)

13 / 68 (PUP)

du109m.exe (Installation helper by OpenCandy) (a53dab51c3f56747221337b17cf6b207)

12 / 68 (PUP)

du105m.exe (Installation helper by OpenCandy) (baa963bb44f3546b3dbc42b1a00cce96)

12 / 68 (PUP)

du90m.exe (Installation helper by OpenCandy) (81c4079b19c7c7dbe16368abbc8a74fe)

The certificates below are also signed by OpenCandy Inc..

064F7F3543BCDEFC1576F502AE200E11 (Feb 03, 2014 to Apr 22, 2016)

3D96F95B7280804943B22EAAD87771E6 (Oct 24, 2014 to Oct 25, 2015)

0B88C871F68A9102FD1B743704369247 (Oct 24, 2014 to Oct 25, 2015)

5407D8E1F2D0E6C4E6F068C2480628C9 (Oct 13, 2014 to Oct 14, 2015)

29CE9F5BE708FCC90C4937893D131841 (Oct 13, 2014 to Oct 14, 2015)

0098EBBE629C4556BF484A6F8F34FED191 (Oct 13, 2014 to Oct 14, 2015)

00C78CECD817AA361719203EFEE430C0AF (Oct 13, 2014 to Oct 13, 2015)

00C3779EB50F49E5634257CB77974A96D9 (Aug 13, 2014 to Aug 14, 2015)

00B0CC36BCEFA9A2F21227E1707CED355E (Aug 13, 2014 to Aug 14, 2015)

79D7802797DB6E08C313832B63BDA95F (Jun 27, 2014 to Jun 28, 2015)

10 of 12 code signing certificates issued

The following publishers (by Authenticode signature organization name) are related.

* Note, the details and description above are based on the code signing digital signature issued to OpenCandy Inc. by COMODO CA Limited on October 13, 2014 with the serial number '00bb7b40b95093a55585d1c267c0d46ee3'.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.