home

{D1CDC79E-9E78-4A5F-9BCD-AB50983E68C7}

Publisher Information

Authority:
{D1CDC79E-9E78-4A5F-9BCD-AB50983E68C7}

Valid from:
4/29/2014 11:09:56 PM

Valid to:
4/30/2015 5:09:56 AM

Subject:
CN={D1CDC79E-9E78-4A5F-9BCD-AB50983E68C7}

Issuer:
CN={D1CDC79E-9E78-4A5F-9BCD-AB50983E68C7}

Serial number:
1e6cc65bb239dd99402691d1631f5b0c

Scanner detections:
Malware distribution  (79% detected)

Scan engine
Details
Detections

Dr.Web
BackDoor.Blackshades.3, BackDoor.Comet.884, Trojan.DownLoader10.63222, Tool.PassView.784
100.00%

ESET NOD32
MSIL/Injector.DPY (variant), MSIL/Injector.DPH (variant), MSIL/Injector.DXW (variant), MSIL/Injector.DVM (variant), MSIL/Injector.DVN (variant)
84.62%

AVG
BackDoor.Generic18, MSIL3, Inject2, Generic10_c, Pakes_c, CoinMiner
84.62%

Kaspersky
Trojan-FakeAV.Win32.Windef, Trojan-Dropper.Win32.Sysn, HEUR:Trojan.Win32.Generic, Trojan.MSIL.Citron
76.92%

Qihoo 360 Security
HEUR/Malware.QVM03.Gen, Win32/Trojan.30f
76.92%

MicroWorld eScan
Trojan.GenericKD.1669286, Trojan.GenericKD.1776880, Trojan.GenericKD.1716995, Trojan.GenericKD.1705347, Gen:Heur.Jatif.Gen.1, Trojan.Generic.11332223, Trojan.Generic.11325428, Trojan.GenericKD.1691128
69.23%

McAfee
RDN/Generic FakeAlert!ez, Artemis!DAD61D8DB8C5, Artemis!5D300A015BA1, RDN/Generic.bfr!hh, Artemis!904876F0D8D1, RDN/Generic BackDoor!bdl
69.23%

VIPRE Antivirus
Trojan.Win32.Generic
69.23%

avast!
MSIL:Injector-GX [Trj], Win32:Malware-gen, Win32:Dropper-gen [Drp]
69.23%

Bitdefender
Trojan.GenericKD.1669286, Trojan.GenericKD.1776880, Trojan.GenericKD.1716995, Trojan.GenericKD.1705347, Gen:Heur.Jatif.Gen.1
69.23%

32 / 68    (Malware)
5591  (44410efb82781f0cdcdf092e8e083ded)

32 / 68    (Malware)
masterservice.exe  (1daf60836cb4530f0cceb211021bf2d2)

2 / 68      (inconclusive)
windllx86.exe  (e48b532a914bf8b893304953e728ba8e)

0 / 68
winini.exe  (c568284e29f8915e9d968bca498315a5)

26 / 68    (Malware)
winini.exe  (b1e6f7e660ef8afaf7cad8a6c8b5b956)

32 / 68    (Malware)
skidware - do not use if you do not want to be vac banned.exe  (83fbe2b64b98edf9c9484a5635ad970d)

2 / 68      (inconclusive)
crashlocate.exe  (3c4ddd6deb4469208545ae3dd650103c)

6 / 68      (Malware)
winini.exe  (68029c9db2439548683adf818c826b96)

27 / 68    (Malware)
svchost.exe  (904876f0d8d1a2904f31a5d8284e9124)

18 / 68    (Malware)
img980_38.jpg.exe  (427fce39d6ffdcd4a1400845ba53c987)

29 / 68    (Malware)
hay day.exe  (5d300a015ba1f3cd2471717d12f6d39f)

28 / 68    (Malware)
adobe.exe  (dad61d8db8c5db1569c7f54951dd5ef6)

5 / 68      (Malware)
winini.exe  (6f3f0442ec73b989420314240870b388)

26 / 68    (Malware)
winini.exe  (bcdf52d0d3b833caed4d26cb71c86a29)

* Note, the details and description above are based on the code signing digital signature issued to {D1CDC79E-9E78-4A5F-9BCD-AB50983E68C7} by {D1CDC79E-9E78-4A5F-9BCD-AB50983E68C7} on April 29, 2014 with the serial number '1e6cc65bb239dd99402691d1631f5b0c'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.