home

Appstein

Publisher Information

Appstein is a brand of the Sambreel/Yontoo group, a web advertising company located in Carlsbad, CA. The company is a primary distributor of unwanted software. It is part of the Yontoo/Sambreel group and distributes web browser add-ons, typically potentially unwanted and adware in nature, that are designed to modify a user's typical search beahvior as well as display context and popup advertising. There is one additional code signing certificate issued to this publisher.
Authority:
VeriSign, Inc.

Valid from:
5/5/2015 4:00:00 AM

Valid to:
6/4/2016 3:59:59 AM

Subject:
CN=Appstein, O=Appstein, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3e17e7a30ae5d0da73f3db70de776dde

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Yontoo (M), Adware.Yontoo (M)
100.00%

1 / 68      (Adware)
appstein.expext.dll  (3dd08a10fe9f0790ab5b6c6c7640195f)

1 / 68      (Adware)
appstein.browseradapter.dll  (65ec03eddd187d7bbff6202f3bdb5a2f)

1 / 68      (Adware)
Appstein2015080207.exe  (eeedc5e48afcf0f4fe0b0f44f970c35a)

1 / 68      (Adware)
Appstein2015080116.exe  (462fc78a734d39f6ed139deb35ebb146)

1 / 68      (Adware)
d0c7b94ff764.dll  (02938d8f0f10ca8976417f29fcdb995e)

1 / 68      (Adware)
d0c7b94ff7.dll  (02c879722535589867a55a3a7a5c84e4)

1 / 68      (Adware)
d0c764.dll (by TODO: <Company name>)  (c584e06b3e68cb30215e24f873df9546)

1 / 68      (Adware)
d0c7.dll (by TODO: <Company name>)  (08051a2076e1e51d74fdd824046ab764)

1 / 68      (Adware)
appstein.expext.exe  (2c7cbe2adbd6fd5e7af5c3b46bad043d)

1 / 68      (Adware)
appstein.browseradapter64.exe  (5126c305b7bfc4f64a082ba2a50c8139)

1 / 68      (Adware)
appstein.browseradapter.exe  (221beae793bc0a32e9aa65141075a7f7)

1 / 68      (Adware)
utilappstein.exe  (235fcef796069505bd75e480a8c5e541)

1 / 68      (Adware)
updateappstein.exe  (e457ac80040ca6b966947ff3a8e6185b)

1 / 68      (Adware)
ff52aaa3-8706-4976-82de-d2a236ea847b.dll  (4b1583a8095d53a9da673f6314c20e20)

1 / 68      (Adware)
ede8a0d6-dc08-4f0a-a6a1-adc901ff9939.dll  (eb1601a96e5dbe87a38b761d7960ad72)

1 / 68      (Adware)
df01215d-95e5-4535-995c-00f41080dd3a.dll  (8b822690d5f6895c49ea0b2b42e33a60)

1 / 68      (Adware)
dce60a63-3142-4165-af60-b204508cecb9.dll  (13a573d055a6470f1c0a7bcecb876be5)

1 / 68      (Adware)
d59201b8-72f6-4792-a9d3-9ba09c52dc2f.dll  (6371df07021de4f7c79d61968db8c10a)

1 / 68      (Adware)
ccd0796a-d45f-4d96-b5b4-629563221f7e.dll  (f685d89c1788cc4dcf998b0aacf6a37c)

1 / 68      (Adware)
cba5e084-9649-4346-8d81-ec902fd74d4a.dll  (157166350fabcdcc65bf7770d1ed8b3a)

1 / 68      (Adware)
c5d9acd5-bc13-4c41-8bf5-83a35ac413ca.dll  (3e1455ab645a7362cb07162e4fcbd3a9)

1 / 68      (Adware)
b07811f4-ce84-48ab-a742-27aef363c610.dll  (f2a24d29c398b828e68c0101bb9c56b7)

1 / 68      (Adware)
aa3572e8-edce-4260-bf7a-471b814b5be2.dll  (95f5704eed99ba850950b7ca81069330)

1 / 68      (Adware)
a481047c-9c4c-4d8b-8d2f-abbab123cdc5.dll  (661c411b65508ac03888012b36aef958)

1 / 68      (Adware)
a40175ee-a43e-43ec-848f-cd019a2dc54f.dll  (84662fe57c3f29080076779416c753d1)

1 / 68      (Adware)
a3aef31e-de60-4b84-b506-073251af091d.dll  (40795f94e67fe2d542b4abd841cd9dae)

1 / 68      (Adware)
a1859a39-c9db-40d3-8522-6c4d970358bb.dll  (a230f8c42051244fb6b131c0c1486697)

1 / 68      (Adware)
99643319-8349-4dcf-8555-5d07f3333f9b.dll  (3fff120493a16d82b5a6007bc4d9e184)

1 / 68      (Adware)
99608a95-b055-4623-a859-200933b8e1d0.dll  (8befce9b1a46cb6b49fa7b942500ba55)

1 / 68      (Adware)
950d4aeb-2832-4ca6-ab0f-c53983db2ae9.dll  (385675e3b11c9321c6e1f6b8eae88838)

 
Latest 30 of 214 files

The following certificate is also signed by Appstein.

06773AB7EC074782D28F824F3C5632C1  (May 01, 2014 to May 02, 2015)

* Note, the details and description above are based on the code signing digital signature issued to Appstein by VeriSign, Inc. on May 05, 2015 with the serial number '3e17e7a30ae5d0da73f3db70de776dde'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.