Dinosaur

Publisher Information

Dinosaur is a software publisher located in Pandora, United Kingdom*. There is one additional code signing certificate issued to this publisher.
Authority:
getaCert - www.getacert.com

Valid from:
3/15/2015 8:51:03 PM

Valid to:
5/14/2015 8:51:03 PM

Subject:
E=T.Rex@gmail.com, CN=Dinosaur, OU=Dinosaur CEO, O=Dinosaur, L=Pandora, S=Pandora, C=GB

Issuer:
O=getaCert - www.getacert.com, L=Seattle, S=Washington, C=US

Serial number:
0cf5

Scanner detections:
Malware distribution  (80% detected)

Scan engine | Details | Detections

nProtect | Trojan.GenericKD.2256294, Trojan.GenericKD.2251470, Trojan.GenericKD.2256288, Trojan.Generic.13054059 | 100.00%

VIPRE Antivirus | Trojan.Win32.Generic.pak!cobra | 100.00%

avast! | Win32:Broban-AR [Trj], Win32:Malware-gen | 100.00%

Bitdefender | Trojan.GenericKD.2256294, Trojan.GenericKD.2251470, Trojan.GenericKD.2256288, Trojan.Generic.13054059 | 100.00%

Lavasoft Ad-Aware | Trojan.GenericKD.2256294, Trojan.GenericKD.2251470, Trojan.GenericKD.2256288, Trojan.Generic.13054059 | 100.00%

Emsisoft Anti-Malware | Trojan.GenericKD.2256294, Trojan.GenericKD.2251470, Trojan.GenericKD.2256288, Trojan.Generic.13054059 | 100.00%

F-Secure | Trojan.GenericKD.2256294, Trojan.GenericKD.2251470, Trojan.GenericKD.2256288, Trojan.Generic.13054059 | 100.00%

G Data | Trojan.GenericKD.2256294, Trojan.GenericKD.2251470, Trojan.GenericKD.2256288, Trojan.Generic.13054059 | 100.00%

Baidu Antivirus | Trojan.Win32.Banker, Trojan.Win32.Banload, Adware.MSIL.iBryte | 100.00%

ESET NOD32 | MSIL/Kryptik.BPM (variant), Win32/TrojanDownloader.Banload.SJG, MSIL/Kryptik.BNO (variant) | 100.00%

14 / 68    (PUP)
infracao_transito_9238777321.exe (BKPjRzOR)  (03b73d4e2b98a6ae6e2158bfd0916890)

0 / 68
anexo.exe (eEvBZAgZ)  (20e2b088aec707544e1f98eb83979bc4)

35 / 68    (Malware)
anexo.exe (QfLZmhnS)  (f995a1137c1aa5614e0ce162d50d988a)

35 / 68    (Malware)
boleto-91882989.exe (NquNnzjo)  (e320a5186a78f7b52b254a4ae3539a33)

29 / 68    (Malware)
infracao_transito_39288344.exe (GdTumfTQ)  (6b58e6c03bd6f43c5f779dda574b077c)

Download URLs for files signed by Dinosaur.


The following websites host and distribute files published by Dinosaur.

The following certificate is also signed by Dinosaur.

0DF6  (Apr 01, 2015 to May 31, 2015)

The following publishers (by Authenticode signature organization name) are related.

30 of 71 publishers

* Note, the details and description above are based on the code signing digital signature issued to Dinosaur by getaCert - www.getacert.com on March 15, 2015 with the serial number '0cf5'.