home

Astori LLC

Publisher Information

Astori LLC is a software publisher located in Moscow, Russia*. The publisher primarily developes software that can be classified as adware. Thre are 2 additional code signing certificates issued to this publisher.
Authority:
COMODO CA Limited

Valid from:
4/8/2014 2:00:00 AM

Valid to:
4/8/2017 1:59:59 AM

Subject:
CN=Astori LLC, O=Astori LLC, STREET="Skladochnaya st. 1, bld. 13", L=Moscow, S=Moscow, PostalCode=127018, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
008630cbc0fad3185d0b0e0c47f99ecfc2

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Startup.Astori.I, PUP.Astori.L, PUP.Astori.R, PUP.Task.Astori.I, PUP.Installer.Astori.J, PUP.Astori.I, PUP.Astori.Installer (M), PUP (M)
100.00%

AVG
Generic, Win32/DH
28.57%

Trend Micro House Call
Suspicious_GEN.F47V0629, Suspicious_GEN.F47V0730, Suspicious_GEN.F47V0731, Suspicious_GEN.F47V0725
19.05%

ESET NOD32
Win32/RiskWare.Astori (variant)
19.05%

IKARUS anti.virus
Trojan-Dropper.Agent, PUA.Astori
14.29%

McAfee
Artemis!3F5ED6EEADD1, Artemis!30B5ECB9682D, Artemis!523CEF9675D2
14.29%

VIPRE Antivirus
Trojan.Win32.Generic
14.29%

AhnLab V3 Security
PUP/Win32.Agent
9.52%

avast!
Win32:Malware-gen
9.52%

Comodo Security
UnclassifiedMalware
9.52%

1 / 68      (PUP)
inetstat.exe  (07642f136ede6d54ba2e8b7083275860)

1 / 68      (PUP)
r3gscvfb.aby.exe  (20bdfe899164ed090e86770350b1dca1)

1 / 68      (PUP)
si.exe (SmartInstaller)  (09a4ca7ba71ef82330101274df8a44c2)

6 / 68      (PUP)
inetstat.exe  (523cef9675d213465ef6a5bc29b68031)

4 / 68      (PUP)
f_000020  (38acedc59c509856c90f5e0e14082c11)

6 / 68      (PUP)
zswav35p.la0.exe  (30b5ecb9682d94b3e8d1cd68ddadbb0d)

5 / 68      (PUP)
inetstat.exe  (0682158124797aac6bc5bba660cc1d9f)

8 / 68      (PUP)
setup_292.exe  (f5665206c64e310a36b44cee5a4fbd8f)

7 / 68      (PUP)
inetstat.exe  (3f5ed6eeadd1185acdb6458fc2fb14ca)

2 / 68      (PUP)
inetstat.exe  (ef4d379ef3810fecd849b987a17bc262)

2 / 68      (PUP)
inetstat.exe  (9e4b87dbf81e1b4d578fa273c3f712df)

1 / 68      (PUP)
inetstat.exe  (a01de9be666d8d6226e3f7c6deb8e222)

1 / 68      (PUP)
b1t0ukty.jak.exe  (01c4e5e818813a49d217f1c09df0db5b)

1 / 68      (PUP)
inetstat.exe  (249d89d0afa38b54ebc0fa74a4966e00)

1 / 68      (PUP)
inter_silent_tray.exe  (d6eacd6638d82f43f3c324c3761b4b5a)

1 / 68      (PUP)
j1basafo.bl5.exe  (e40f80c5aa9fecfac5d0efa24f758669)

1 / 68      (PUP)
inetstat.exe  (f31ed493f4569fee116bad1179d14c8f)

1 / 68      (PUP)
xz4asuvk.aru.exe  (b72b2695cfdd92946921034918b8d9eb)

1 / 68      (PUP)
inetstat.exe  (0b2c6ba292b243c3a8bae699071f1f9d)

1 / 68      (PUP)
4trgnhw1.5m3.exe  (a2bb17098b7a300bd4001c307979cd17)

2 / 68      (PUP)
inetstat.exe  (2375d36d45528e864c6cac27c64932b3)

Downloads URLs for files signed by Astori LLC.

1 / 68      (PUP)
http://dl.interstat.eu/inter_silent_tray.exe  (d6eacd6638d82f43f3c324c3761b4b5a)

The certificates below are also signed by Astori LLC.

00DFC1F1B0F205CC17ED7D216BB991F859  (Jun 03, 2015 to Sep 04, 2018)

544BC3549576F8E9D85F2D766DBB9FAE  (Sep 08, 2015 to Sep 08, 2017)

* Note, the details and description above are based on the code signing digital signature issued to Astori LLC by COMODO CA Limited on April 08, 2014 with the serial number '008630cbc0fad3185d0b0e0c47f99ecfc2'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.