home

DOTPITCH.INC

Publisher Information

DOTPITCH.INC is a software publisher located in Gangnam, Seoul in Korea*. The company is a primary distributor of unwanted software. Thre are 3 additional code signing certificates issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
3/24/2014 9:00:00 AM

Valid to:
5/24/2015 8:59:59 AM

Subject:
CN=DOTPITCH.INC, OU=IT Team, O=DOTPITCH.INC, L=Gangnam, S=SEOUL, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
16a683fe8427fd3be9fd80535ae94d79

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.DOTPITCHINC, PUP.DOTPITCHINC, PUP.DOTPITCHINC (M), PUP.DOTPITCH (M), PUP (M)
100.00%

Bkav FE
W32.HfsAdware
35.00%

Trend Micro House Call
Suspicious_GEN.F47V0417, Suspicious_GEN.F47V0415, TROJ_GEN.R0C1C0OEO15, Suspicious_GEN.F47V0427, TROJ_GEN.R03EC0EDT15, Suspicious_GEN.F47V0430
35.00%

avast!
Win32:Adware-gen [Adw], Win32:Dropper-NSH [Drp]
35.00%

AhnLab V3 Security
PUP/Win32.WinDisplay, PUP/Win32.WindowsTap
35.00%

Qihoo 360 Security
Win32/Trojan.Adware.37e
35.00%

McAfee
Artemis!D9D44A24E7B9, Artemis!2D675B8FBBFB, Artemis!4ED0CEF06724, Artemis!213176B37835, Artemis!29CCE4AFE97D, Artemis!45315BE5842D
30.00%

Dr.Web
Trojan.Adkor.71, DLOADER.Trojan
25.00%

ESET NOD32
Win32/AdWare.Kraddare.IL (variant), Win32/Adware.Kraddare.HW (variant), Win32/Adware.Kraddare.HH (variant)
25.00%

Fortinet FortiGate
Riskware/Kraddare, W32/Kraddare.HW
25.00%

1 / 68      (Adware)
windowstab.exe (WindowsTab)  (541875561e7c83b169488eb2ce692948)

1 / 68      (Adware)
windowstab.exe (WindowsTab)  (4ed0cef067240dc217e49a38ae91d8d6)

1 / 68      (Adware)
windowstab.exe (WindowsTab)  (4ed0cef067240dc217e49a38ae91d8d6)

1 / 68      (Adware)
adart.exe  (5e61382d7cb3e188ae4c1521117847e1)

1 / 68      (Adware)
adartex.exe  (a3551c3c30195a569100db7ec51b162c)

8 / 68      (Adware)
brokerlib.dll  (808ed5ea9cd634a93b5708380a32eaa9)

1 / 68      (Adware)
windowstab.exe (WindowsTab)  (462be96a856b12b19dd8fbe778f2c95b)

1 / 68      (Adware)
adart.exe  (dfbf5f507b082fb3b96e86b9752ee4e3)

1 / 68      (Adware)
adartex.exe  (8dfced43a7ce0e8e3817ab2e4da2849a)

1 / 68      (Adware)
adart.exe  (ddaf0dcf53e520ac7f0ffd9a1167b28c)

1 / 68      (Adware)
adart.exe  (6da22c4ba7f1b3dae48634492c27ce8d)

1 / 68      (Adware)
adartex.exe  (e58020e47bead2c4a20963e0b79c8029)

1 / 68      (Adware)
adartun.exe  (0e69d0dc6f6e240f1dbc4a01586385c9)

14 / 68    (Adware)
adartun.exe  (1eedff77e2fbf24bc43b5b5ccc42ef03)

12 / 68    (Adware)
windowstab_uc.exe  (45315be5842df9db1d55fa93a288b918)

24 / 68    (Adware)
windowstab_mon.exe  (29cce4afe97d5168de6272ba3d1a67d0)

12 / 68    (Adware)
14319f.tmp.exe  (213176b3783552f577821a7f5dafea17)

18 / 68    (Adware)
windowstab.exe (WindowsTab)  (4ed0cef067240dc217e49a38ae91d8d6)

19 / 68    (Adware)
adart.exe  (2d675b8fbbfb8032db2ecfdb12198855)

20 / 68    (Adware)
adart.exe  (d9d44a24e7b9f6c6fd60f9226d425de4)

Downloads URLs for files signed by DOTPITCH.INC.

18 / 68    (Adware)
http://file.muuk.co.kr/app/.../windowstab/windowstab.exe  (4ed0cef067240dc217e49a38ae91d8d6)

The following websites host and distribute files published by DOTPITCH.INC.

file.muuk.co.kr

The certificates below are also signed by DOTPITCH.INC.

793669C3DA3B76A97751C9F1D1D7B76C  (Apr 21, 2015 to Jun 20, 2016)

0AA240F3D167B5B6AF5A20903B60B16F  (Mar 12, 2013 to Apr 12, 2014)

51438B8E28F918E6BE945AF50864A93F  (Mar 14, 2012 to Mar 15, 2013)

* Note, the details and description above are based on the code signing digital signature issued to DOTPITCH.INC by Thawte, Inc. on March 24, 2014 with the serial number '16a683fe8427fd3be9fd80535ae94d79'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.