AD79 Corp

Publisher Information

AD79 Corp is a software developer located in Yeonsu-gu, Incheon in Korea*. Thre are 2 additional code signing certificates issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
8/22/2013 9:00:00 AM

Valid to:
9/22/2014 8:59:59 AM

Subject:
CN=AD79 Corp, O=AD79 Corp, L=Yeonsu-gu, S=Incheon, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
3000ae01184dff956e01f0b36af80075

Status:
Inconclusive detections from multiple engines

Scan engine
Details
Detections

Malwarebytes
Adware.Korad, Adware.KorAd, Trojan.Agent.KR
72.00%

Emsisoft Anti-Malware
Gen:Variant.Zusy.77905, Gen:Variant.Graftor.136219, Gen:Variant.Graftor.136250, Gen:Variant.Adware.Graftor.136219, Gen:Variant.Adware.Graftor.136218
72.00%

MicroWorld eScan
Gen:Variant.Zusy.77905, Gen:Variant.Graftor.136219, Gen:Variant.Graftor.136250, Gen:Variant.Adware.Graftor.136219, Gen:Variant.Adware.Graftor.136218, Gen:Variant.Graftor.136218
68.00%

Bitdefender
Gen:Variant.Zusy.77905, Gen:Variant.Graftor.136219, Gen:Variant.Graftor.136250, Gen:Variant.Adware.Graftor.136219, Gen:Variant.Adware.Graftor.136218
68.00%

G Data
Gen:Variant.Zusy.77905, Gen:Variant.Graftor.136219, Gen:Variant.Graftor.136250, Gen:Variant.Adware.Graftor.136219, Gen:Variant.Adware.Graftor.136218
68.00%

ESET NOD32
Win32/AdWare.Kraddare.JS (variant), Win32/AdWare.Kraddare.HZ (variant), Win32/TrojanDownloader.VB.PFP (variant), Win32/AdWare.Kraddare.JR (variant)
60.00%

Lavasoft Ad-Aware
Gen:Variant.Zusy.77905, Gen:Variant.Graftor.136219, Gen:Variant.Graftor.136250, Gen:Variant.Graftor.136218, Gen:Variant.Adware.Graftor.136218
56.00%

F-Secure
Gen:Variant.Zusy.77905, Gen:Variant.Graftor.136219, Gen:Variant.Graftor.136250, Gen:Variant.Graftor.136218, Gen:Variant.Adware.Graftor
52.00%

Avira AntiVirus
TR/Zusy.77905.7, TR/VB.Downloader.Gen, TR/Dldr.VB.SW.77, TR/Dldr.VB.PFP.21, TR/Dldr.VB.SW.72, TR/Kazy.301128.2, TR/Dldr.VB.PFP.23
52.00%

McAfee Web Gateway
Artemis!72D91047D82D, Artemis!BBF397D6B570, Artemis!99DEDD283486, BehavesLike.Win32.Downloader.qm, BehavesLike.Win32.Trojan.bc
52.00%

5 / 68      (PUP)
keypang.exe (Keypang)  (5099d9b64d8f7ffe358f29aede8571d0)

0 / 68
ukp.exe (RemoveKPU)  (125338ba0d1f776983d5123aaa5ac77d)

0 / 68
ishoplus.exe (ikeypang)  (c7bb23407cd34540d4ed65de8906a4ba)

6 / 68      (PUP)
keypang.exe (Keypang)  (2325bf6aa31dc80a4b214294acb166db)

0 / 68
ikeypang.exe (ikeypang)  (5c5c21eda64ba824b929889e5521d56d)

0 / 68
keypang.exe (Keypang)  (2bf8fe628cda93a6387ddd0b024030ef)

0 / 68
ukp.exe (RemoveKPU)  (c2f3585a68a81a2617ef97ebe1caf66c)

0 / 68
kpupdate.exe (bjfupdater)  (da67bc400e3750de979c34db6665be62)

0 / 68
kpu.exe (kpu)  (70c5dba208621e0ce1ed89c46f414325)

0 / 68
rkp.exe (RemoveKP)  (69fa8ebe0a00f7ede222144676260f46)

0 / 68
move.exe (move)  (22830557ead5af48ef72a0f8ea5cbbc4)

0 / 68
keypang.exe (Keypang)  (94cced3b2e1b085274a856875722f71d)

0 / 68
fgo.exe (Fgo)  (cc0b46f1206a9429fd9d317442b4454a)

0 / 68
xProgressBar.ocx (xProgressBar by )  (bf0ceebcf1c8100aa1adc64004d42dfd)

0 / 68
ukp.exe (RemoveKPU)  (449b5471e85854ec02acadc5339f85ab)

0 / 68
rkp.exe (RemoveKP)  (dc3437ab58a4c3b731a3e59a69453725)

0 / 68
move.exe (move)  (635c44624fd417aad6790a9049fdee1e)

0 / 68
fgo.exe (Fgo)  (e7de547ce581a3083fac84b6a8d44a1e)

0 / 68
rkp.exe (RemoveKP)  (9a25b766e3dd33d6e5ad6210d1254e31)

0 / 68
move.exe (move)  (50bbd1ddde0223ad314d3466070fde89)

0 / 68
keypang.exe (Keypang)  (a61bdacfb705e7393c6f6565334de7f4)

0 / 68
fgo.exe (Fgo)  (eeccb71446fd00cf2962e2f28c2cd81f)

11 / 68    (PUP)
keypang.exe (Keypang)  (fd58ec2b5ec791f84fc76ce437ec5743)

0 / 68
xProgressBar.ocx (xProgressBar by )  (02d040e19fdf122b843a8781237e3539)

2 / 68      (inconclusive)
ukp.exe (RemoveKPU)  (bb33816b775839c55451e1e85718d0cb)

2 / 68      (inconclusive)
keypang.exe (Keypang)  (81e969ac9b0471e90f40057cf44678b2)

1 / 68      (inconclusive)
fgo.exe (Fgo)  (0719376081fa22b60c6af5b1f459e004)

23 / 68    (PUP)
ikeypang.exe (ikeypang)  (de49c789f2198dd8a9249fa07fe1f140)

13 / 68    (PUP)
keypang.exe (Keypang)  (70c89c8170b4a88670ad8c1e614579f7)

0 / 68
xProgressBar.ocx (xProgressBar by )  (ac12034e3d324094cbceef80c7be5a3d)

 
Latest 30 of 57 files

The certificates below are also signed by AD79 Corp.

5B1A04F189A68BC2FB81242581D8047C  (Jun 28, 2012 to Aug 28, 2013)

2CF9E7B6ED6CAAE44B1584DE27F9C719  (Jul 18, 2011 to Jul 18, 2012)

* Note, the details and description above are based on the code signing digital signature issued to AD79 Corp by Thawte, Inc. on August 22, 2013 with the serial number '3000ae01184dff956e01f0b36af80075'.