PUP.Open Downloader Manager

Threat Scorecard

Popularity Rank: 1,982
Threat Level: 10 % (Normal)
Infected Computers: 72,906
First Seen: January 10, 2014
Last Seen: February 25, 2026
OS(es) Affected: Windows

Registry Details

PUP.Open Downloader Manager may create the following registry entry or registry entries:
File name without path
http_opendownloadmanager.com_0.localstorage
http_opendownloadmanager.com_0.localstorage-journal
odownloadmanager[1].xml
OpenDownloaderManager.lnk
OpenDownloadManager.lnk
SOFTWARE\Classes\FDM.FdmUiWindow.1
SOFTWARE\Classes\FDMDownloadsStat.FDMDownloadsStat
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\odownloadmanager.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\opendownloadmanager.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\odownloadmanager.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\opendownloadmanager.com
SOFTWARE\Classes\WG.WGUrlListReceiver
SOFTWARE\Classes\WG.WGUrlListReceiver.1
SOFTWARE\Classes\WG.WGUrlReceiver
SOFTWARE\Classes\WG.WGUrlReceiver.1
Software\Microsoft\Internet Explorer\DOMStorage\opendownloadmanager.com
SOFTWARE\Microsoft\Internet Explorer\Low Rights\DragDrop\{1C306DF7-2171-45c8-9324-D36448104BD5}
SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C306DF7-2171-45c8-9324-D36448104BD5}
Software\Microsoft\Internet Explorer\MenuExt\Download all with Open Download Manager
Software\Microsoft\Internet Explorer\MenuExt\Download selected with Open Download Manager
Software\Microsoft\Internet Explorer\MenuExt\Download video with Open Download Manager
Software\Microsoft\Internet Explorer\MenuExt\Download with Open Download Manager
Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenDownloaderManager\OpenDownloaderManager.lnk
Software\Microsoft\Windows\CurrentVersion\Run\Open Download Manager
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OpenDownloaderManager
SOFTWARE\OpenDownloadManager
Software\OpenDownloadManager.COM
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\DragDrop\{1C306DF7-2171-45c8-9324-D36448104BD5}
SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C306DF7-2171-45c8-9324-D36448104BD5}
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\OpenDownloaderManager
SOFTWARE\Wow6432Node\OpenDownloadManager

Directories

PUP.Open Downloader Manager may create the following directory or directories:

%APPDATA%\Microsoft\Windows\Start Menu\Programs\OpenDownloadManager
%APPDATA%\Microsoft\Windows\Start Menu\Programs\OpenDownloaderManager
%APPDATA%\Open Download Manager
%AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\OpenDownloaderManager
%PROGRAMFILES%\ODMDownloader
%PROGRAMFILES%\OpenDownloadManager
%PROGRAMFILES%\OpenDownloaderManager
%PROGRAMFILES%\_OpenDownloaderManager_
%PROGRAMFILES(X86)%\ODMDownloader
%PROGRAMFILES(X86)%\OpenDownloadManager
%PROGRAMFILES(X86)%\OpenDownloaderManager
%PROGRAMFILES(X86)%\_OpenDownloaderManager_

Analysis Report

General information

Family Name: PUP.Open Downloader Manager
Signature status: Self Signed

Known Samples


Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File has exports table
  • File has TLS information
  • File is 32-bit executable
  • File is 64-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Company Name VolatileSpeedup Stream
File Description
  • driverhelper64
  • Open Downloader Manager
  • Open Downloader Manager
File Version
  • 3.1.0.0
  • 3.0.0.0
  • 1.0.0.1
Internal Name
  • ddrx.dll
  • DownloadAll_v2.exe
Legal Copyright
  • (c)2015
  • (c) VolatileSpeedup Stream 2020
  • All rights reserved.
  • Copyright 2015
Original Filename
  • ddrx.dll
  • DownloadAll_v2.exe
Product Name
  • driverhelper64
  • O D M
  • ODM
Product Version
  • 1.0.0.1

Digital Signatures

Signer | Root | Status
INSTALLER TECHNOLOGY CORP | COMODO RSA Code Signing CA | Self Signed
InstallerTech Co | COMODO RSA Code Signing CA | Self Signed
Antanda, LLC | Go Daddy Secure Certification Authority | Self Signed
Traffic Space, LLC | Symantec Class 3 SHA256 Code Signing CA | Self Signed

Block Information

Similar Families

  • Kryptik.FTP

Files Modified


Registry Modifications

Key::Value Data API Name
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect RegNtPreCreateKey

Windows API Usage

Category API
Network Wininet
  • HttpOpenRequest
  • HttpQueryInfo
  • HttpSendRequest
  • InternetConnect
  • InternetOpen
  • InternetQueryOption
  • InternetReadFile
Anti Debug
  • IsDebuggerPresent
User Data Access
  • GetUserObjectInformation
