home

AD79 Corp

Publisher Information

AD79 Corp is a software developer located in Yeonsu-gu, Incheon in Korea*. Thre are 2 additional code signing certificates issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
8/22/2013 9:00:00 AM

Valid to:
9/22/2014 8:59:59 AM

Subject:
CN=AD79 Corp, O=AD79 Corp, L=Yeonsu-gu, S=Incheon, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
3000ae01184dff956e01f0b36af80075

Status:
Inconclusive detections from multiple engines

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP, PUP.InstallCore.CSH (L)
72.73%

Dr.Web
Trojan.Adkor.324
18.18%

ESET NOD32
Win32/AdWare.Kraddare.JS application, Win32/AdWare.Kraddare.HZ application
18.18%

MicroWorld eScan
Gen:Variant.Zusy.77905
9.09%

Malwarebytes
Adware.Korad
9.09%

Trend Micro House Call
ADW_KRADDARE
9.09%

Bitdefender
Gen:Variant.Zusy.77905
9.09%

Agnitum Outpost
Trojan.Zusy
9.09%

Lavasoft Ad-Aware
Gen:Variant.Zusy.77905
9.09%

F-Secure
Gen:Variant.Zusy.77905
9.09%

0 / 68
rkp.exe (RemoveKP)  (874f95b341c0fbdccf03d107501b86ad)

0 / 68
move.exe (move)  (171195dcc9157242f4fec9adecf73bd1)

0 / 68
keypang.exe (Keypang)  (d40890c22a8c22cd8665c924e58649af)

0 / 68
keypang.exe (Keypang)  (79268737f3ea9a61b593aed6f73f3de5)

0 / 68
kpupdate.exe (bjfupdater)  (dae43309755b9e7c080235571c97b199)

0 / 68
xProgressBar.ocx (xProgressBar by )  (1a28978c761d0e15e068548314eb640f)

0 / 68
unins000.exe (RemoveKP)  (4a50641da2c4f821fdc99925207133a1)

0 / 68
move.exe (move)  (53357a9431910e5446f9a25ee089406d)

0 / 68
fgo.exe (Fgo)  (61c6523009af772c10befcc10efeeca0)

4 / 68      (PUP)
kpu.exe (kpu)  (d252d8d5649d5ad426b50ce2407973f7)

0 / 68
unins000.exe (RemoveKP)  (8c48b75e6f6395005b59bd655ab50ec4)

0 / 68
move.exe (move)  (ec74faab9acb34ad1389db22977c4580)

0 / 68
fgo.exe (Fgo)  (16994b4728f55fbd86c01f8d6f3f5636)

1 / 68      (PUP)
skeypang.exe (KeyPang by ad79)  (395a679ba344e8a186f31ff843758da5)

0 / 68
rkp.exe (RemoveKP)  (6a9fa8ec4a7d002665012aabf0264513)

0 / 68
move.exe (move)  (0a09dcde562ea1a008928ad021ed869d)

0 / 68
keypang.exe (Keypang)  (c1fdeab7272dd043da03ebb4d9c3367f)

0 / 68
fgo.exe (Fgo)  (1798dc26f59a04f638043a2e5672e7a9)

0 / 68
ukp.exe (RemoveKPU)  (fac26090d15644ad853fa15adcf4a734)

0 / 68
kpu.exe (kpu)  (c7ba109a45d1ec35a2bfa00bc86e112e)

0 / 68
rkp.exe (RemoveKP)  (44015a51da263e43096592aae9a7709f)

0 / 68
move.exe (move)  (2ffffd8c43a6c7ce4d0955f1575c5ff4)

0 / 68
keypang.exe (Keypang)  (904269d47acd47d70c42211ab3de3583)

0 / 68
fgo.exe (Fgo)  (e72241a751695d2a0c6ee3e60c460722)

1 / 68      (PUP)
skpupdate.exe (kpupdate by ad79 Communication)  (0b2ff0d824325af95b3cb39a25c856f4)

1 / 68      (PUP)
skeypang.exe (KeyPang by ad79)  (2ac15ba18b34196369e028f283775d46)

1 / 68      (PUP)
skeypang.exe (KeyPang by ad79)  (c88de543d79395829d6eb8b0f951c050)

3 / 68      (PUP)
keypang.exe (Keypang)  (52ede1010efd522e35c876c1db99c114)

1 / 68      (PUP)
skpupdate.exe (kpupdate by ad79 Communication)  (f9877fae8e5e1d079ce0b1c8cb602778)

0 / 68
ikeypang.exe (ikeypang)  (a7b2d2934444a0c24254ded42c746ddb)

 
Latest 30 of 224 files

The certificates below are also signed by AD79 Corp.

5B1A04F189A68BC2FB81242581D8047C  (Jun 28, 2012 to Aug 28, 2013)

2CF9E7B6ED6CAAE44B1584DE27F9C719  (Jul 18, 2011 to Jul 18, 2012)

* Note, the details and description above are based on the code signing digital signature issued to AD79 Corp by Thawte, Inc. on August 22, 2013 with the serial number '3000ae01184dff956e01f0b36af80075'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.