» EVROPLAST LLC
Digital Signature
Analysis
Files (29)
Downloads (122)
Distribution (31)
Related (92)

EVROPLAST LLC

Publisher Information

EVROPLAST LLC is a software developer located in Donetsk, Alberta in Ukraine*. The company is a primary distributor of unwanted software. There is one additional code signing certificate issued to this publisher.

Authority:

thawte, Inc.

Valid from:

12/22/2014 1:00:00 AM

Valid to:

12/23/2015 12:59:59 AM

Subject:

CN=EVROPLAST LLC, O=EVROPLAST LLC, L=Donetsk, S=Alberta, C=UA

Issuer:

CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:

3a189ec1963ab0505c115175c20cd893

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Installer.EVROPLAST.AA, PUP.Installer.EVROPLAST.Y, PUP.Installer.EVROPLAST.d, PUP.Installer.EVROPLAST.FF, PUP.Installer.EVROPLAST.Z, PUP.Installer.EVROPLAST.P, PUP.Amonetize.EVROPLAST.Bundler (M), PUP.Amonetize.EVROPLAS.Bundler (M), PUP.Amonetize (M)

100.00%

Dr.Web

Trojan.Amonetize.341

58.62%

Trend Micro House Call

Suspicious_GEN.F47V1230, TROJ_GEN.R047H07LU14, Suspicious_GEN.F47V1231, Suspicious_GEN.F47V1229

51.72%

McAfee

Artemis!9F87C5DEF20C, Artemis!1E10DD8F4D96, Artemis!AB171716F944, Artemis!54E117F334B4, Artemis!9EEAE81957CC, Artemis!F23EBE58EE48, Artemis!85D027E56623, Artemis!6D74EE3210A8

51.72%

ESET NOD32

Win32/Amonetize.CK (variant)

51.72%

Sophos

Generic PUA HM, Amonetize, PUA 'Amonetize'

51.72%

AhnLab V3 Security

PUP/Win32.Amonetiz

51.72%

Avira AntiVirus

Adware/Amonetize.576192.24, Adware/Amonetize.575680.15, Adware/Amonetize.576200.16, Adware/Amonetize.575168.46, Adware/Amonetize.575168.44

44.83%

avast!

Win32:Dropper-gen [Drp], Win32:Adware-gen [Adw], Win32:Malware-gen, Win32:PUP-gen [PUP]

44.83%

Fortinet FortiGate

Adware/Amonetize, Riskware/Amonetize

41.38%

1 / 68 (Adware)

media converter__2467_il13535.exe (c08c53174155e202fdca3f1490e6b92f)

1 / 68 (Adware)

Setup.exe (2eb8439230d8a9ae05f01cb38504ec47)

1 / 68 (Adware)

worms 3d download torrent__10924_i1437877278_il1428478.exe (e22bf21d5f2568210089a8d627d69edd)

1 / 68 (Adware)

office 2013 proplus x86 x64 enus__7821_il57230.exe (53773bd64cd876dbb66e854078a51608)

1 / 68 (Adware)

launcher__11002.exe (ce29fda9de09ed0ca2819f4dabf16f1d)

1 / 68 (Adware)

flashplayersetup__11412_i1434848814_il75.exe (edac85df455de6344d2ac7950afeca79)

1 / 68 (Adware)

7zipsetup__10793_i1438204571_il5905.exe (6a8fab92bbdad87c848dddfe8802fb41)

1 / 68 (Adware)

{blocked}.exe (2150a4f216f1240da24e81171d2e92c1)

1 / 68 (Adware)

bubblegums__5008_il1166462.exe (4889513a6c2fb57ff7f8feeec11dc0f8)

1 / 68 (Adware)

flashplayer__10155_i1434930586_il7.exe (0d1b30965859b3b685ffddc88b73b737)

1 / 68 (Adware)

youtubedownloaderpro__6090_i1434916650_il145288.exe (849b60305824bb58341fd8e3842c3ac7)

1 / 68 (Adware)

pioneer cxe 3272 update map__10924_i1440512325_il418079.exe (2f0decb394bd641b7c58a2c1ac16f9b4)

17 / 68 (Adware)

vassalord drama cd aarinfantasy__10924_i1434983845_il380354.exe (fc76a17682a0ef62632bb82bac94653e)

16 / 68 (Adware)

launcher__11002.exe (0bc424ae5b522791725722dceff55511)

11 / 68 (Adware)

toolkit v2 4.1 ez activator__2789_i1435269862_il493742.exe (67a36b6fdd6f30cfe8418a408cebebd2)

14 / 68 (Adware)

00000000 (6d74ee3210a89328aa454a10481d0a49)

11 / 68 (Adware)

nfsworldfullversionforpcwindows7__6090_i1436927142_il1098895.exe (975954477132478352f8e44b16d4a33d)

25 / 68 (Adware)

launcher__11002.exe (182e01690144cec8f7190d447b4c0c42)

6 / 68 (Adware)

mediaplayer__9220_i1434406542_il513.exe (85d027e56623dd286876d5895fbfda03)

6 / 68 (Adware)

mediaplayer__9220_i1434336700_il513.exe (19f1ff04d9f75c189a49e1d4c9c7e2e2)

12 / 68 (Adware)

serialkeygen__7934_il1058553.exe (feb4191cfe9e3cbfc87ddf73749b17b9)

6 / 68 (Adware)

mediaplayer__3137_il94.exe (1aad81c5b4db33c7985ac55b2023ea57)

10 / 68 (Adware)

heroes and generals hack october 2014 no survey no password__10967_i1436325746_il311680.exe (f23ebe58ee484df05966437a3ea1310e)

14 / 68 (Adware)

story weaver__10924_i1436242136_il855133.exe (2e68a4acc91ba4e7eac00eedd151ec80)

12 / 68 (Adware)

removewat3__7934_il610165.exe (9eeae81957ccbe5273beaf7e030c3c3a)

12 / 68 (Adware)

vlcmediaplayersetup__11070_il94.exe (54e117f334b40091d6a6718ef1378575)

12 / 68 (Adware)

mediaplayer__9220_i1435452283_il513.exe (803116515e49d867fcdafab51ef8d80e)

12 / 68 (Adware)

mediaplayer__3936_il1857.exe (1e10dd8f4d96947c9e203ec9462337d1)

12 / 68 (Adware)

file.downloader__9581_il263.exe (9f87c5def20cf9fa9d4ea09f18820cb5)

Downloads URLs for files signed by EVROPLAST LLC.

12 / 68 (Adware)

http://www.slow-download.com/download.php?version=1.1.5.26&campid=3687&instid[appname]=Telecharger Jeux Gta Windows Xp Downloader&instid[appsetupurl]=http://fastmediadownloads.com/download/Prompt-Downloader-1456439786.exe&instid[cmdline]=&instid[appimageurl]=http://.../logo.png&prefix=Telecharger Jeux Gta Windows X Downloader&instid[interrupted]=http://.../?cancel&ti1=1456439786&instid[thankyoupage]=http://.../?success (9f87c5def20cf9fa9d4ea09f18820cb5)

10 / 68 (Adware)

http://www.slow-download.com/download.php?version=1.1.5.26&campid=3687&instid[appname]=Saunders Q Downloader&instid[appsetupurl]=http://fastmediadownloads.com/download/Prompt-Downloader-1824835527.exe&instid[cmdline]=&instid[appimageurl]=http://.../logo.png&prefix=Saunders Q Downloader&instid[interrupted]=http://.../?cancel&ti1=1824835527&instid[thankyoupage]=http://.../?success (f23ebe58ee484df05966437a3ea1310e)

12 / 68 (Adware)

http://www.slow-tsunami-file.com/.../FlashPlayer__4369_i1435391695_il7.exe (54e117f334b40091d6a6718ef1378575)

6 / 68 (Adware)

http://www.slow-tsunami-file.com/.../FlashPlayer__10155_i1438557330_il7.exe (1aad81c5b4db33c7985ac55b2023ea57)

10 / 68 (Adware)

http://www.our-hurricane-file.net/.../FIFA15KeyGeneratorSetup__6196_il552.exe (f23ebe58ee484df05966437a3ea1310e)

10 / 68 (Adware)

http://www.your-tsunami-file.net/allddT.html?myref=dm&campid=7630&version=1.1.5.26&instid[appname]=Windows 7 Loader By Daz&instid[appsetupurl]=https://copy.com/tujXgWpcpL7Y2Asr?download=1&instid[appimageurl]=http://i1088.photobucket.com/albums/i336/frankonlinenet/7load_zps6a68f76b.png&prefix=Windows 7 Loader&instid[thankyoupage]=http://ppvline.com/.../Windows7.html&AMt=1420407638654&AMh=7fn2b4gxIWmb09igS84d2Ie2zMXUjQgM3KAUfCzDKPbVydo5QZMSwcespsmVBC1AtdCH3iBb48loOaw3 (heroes and generals hack october 2014 no survey no password__10967_i1436325746_il311680.exe)

10 / 68 (Adware)

http://letshareus.com/download.php?aff=10451&name=wpman&file=Download.Setup (heroes and generals hack october 2014 no survey no password__10967_i1436325746_il311680.exe)

10 / 68 (Adware)

http://www.our-hurricane-file.net/.../NBA Jam__3435_il80204.exe (f23ebe58ee484df05966437a3ea1310e)

11 / 68 (Adware)

http://www.our-hurricane-file.net/.../PSP Game Setup__5483_il3713.exe (975954477132478352f8e44b16d4a33d)

10 / 68 (Adware)

http://www.your-tsunami-file.net/allddT.html?myref=dm&campid=3435&version=1.1.5.26&instid[appname]=V Rally Edition 99&instid[appimageurl]=http://www.gamefabrique.com/i/.../v-rally-edition-99.png&prefix=V Rally Edition 99&AMt=1420379900338&AMh=7fn2b4gxIWmb09igS84d2Ie2zMXUjQgM3KAUfCzDKPbVydo5QZMSwcespsmVBC1AtdCH3iBb48loOaw3 (heroes and generals hack october 2014 no survey no password__10967_i1436325746_il311680.exe)

6 / 68 (Adware)

http://www.slow-tsunami-file.com/.../FlashPlayer__10155_i1435973749_il7.exe (1aad81c5b4db33c7985ac55b2023ea57)

14 / 68 (Adware)

http://www.earthquake-file.com/.../[FREE PDF] USMLE Step 1 Made Ridiculously Simple (6th Ed.) . FREE PDF DOWNLOAD__9016_il487819.exe (6d74ee3210a89328aa454a10481d0a49)

10 / 68 (Adware)

http://free-updates2.pl/lp10/installer.php?aff=100&subaff=423&exename=FL_VideoPlugin.exe&title=FL Video Plugin&description=FL Video Plugin&downloadurl=http://.../VLX_Player.exe&tid= (f23ebe58ee484df05966437a3ea1310e)

12 / 68 (Adware)

http://goo.gl/3xD03U (file.downloader__9581_il263.exe)

12 / 68 (Adware)

http://www.slow-tsunami-file.com/.../FlashPlayer__4369_i1435293096_il7.exe (54e117f334b40091d6a6718ef1378575)

12 / 68 (Adware)

http://www.myplayerhd.net/dd2.html?version=1.1.5.55&ci=10422&capp=FlashPlayer&prefix=FlashPlayer (vlcmediaplayersetup__11070_il94.exe)

10 / 68 (Adware)

http://www.slow-download.com/download.php?version=1.1.5.26&campid=3687&instid[appname]=Swap Magic Exe Downloader&instid[appsetupurl]=http://fastmediadownloads.com/download/Prompt-Downloader-1091820885.exe&instid[cmdline]=&instid[appimageurl]=http://.../logo.png&prefix=Swap Magic Exe Downloader&instid[interrupted]=http://.../?cancel&ti1=1091820885&instid[thankyoupage]=http://.../?success (f23ebe58ee484df05966437a3ea1310e)

12 / 68 (Adware)

http://www.funniest-download.com/tdownload.php?s1=7db99c2dde5d0adafb4976e095ae4617de9afdad&t1=1419979211&ref=www.winflashplayer.com&version=1.1.5.89&direct=1&prefix=FlashPlayersetup&campid=11412&ti1=-_-MDYzMV81MV81MTYxXzUyMDNfQlJfMTg5LjEwNS4yMzcuMTU0XzY5NF83OTY2X0FEUw-_-ADSYS-2cc91f7a-9074-11e4-9a9a-fae93853f771&capp=FlashPlayer (mediaplayer__9220_i1435452283_il513.exe)

10 / 68 (Adware)

http://www.funnier-download.com/download.php?campid=11476&version=1.1.5.26&instid[appname]=nuevo_mix_prince_royce_2014.mp3&instid[appsetupurl]=http://static.convertonmp3.com/downloads/08/3b/nuevo_mix_prince_royce_2014.mp3?h=t5l-mzNICcGa0orGwkNzVw&e=1420198897&instid[cmdline]=%temp%/Download&instid[appimageurl]=http://youtubemp4s.com/apple-touch-icon.png&prefix=nuevo.mix.prince.royce.2014.mp3&instid[thankyoupage]=http://convertonmp3.com (heroes and generals hack october 2014 no survey no password__10967_i1436325746_il311680.exe)

6 / 68 (Adware)

http://www.slow-tsunami-file.com/.../FlashPlayer__10155_i1438437286_il7.exe (1aad81c5b4db33c7985ac55b2023ea57)

6 / 68 (Adware)

http://www.slow-tsunami-file.com/.../FlashPlayer__10155_i1436572396_il7.exe (1aad81c5b4db33c7985ac55b2023ea57)

10 / 68 (Adware)

http://hqhub.net/download_player.php?a=97600&f=1 (heroes and generals hack october 2014 no survey no password__10967_i1436325746_il311680.exe)

12 / 68 (Adware)

http://fixdownloadz.com/2/download.php?i=2E&soft_name=Line Let's Get Rich Hack&soft_version=1.4&soft_url=http://lineletsgetrichhack.wordpress.com (file.downloader__9581_il263.exe)

10 / 68 (Adware)

http://letshareus.com/download.php?aff=10892&name=fbchat&file=Download Game Onet 2 For PC Windows Xp 7 8 dan 9 Gratis (heroes and generals hack october 2014 no survey no password__10967_i1436325746_il311680.exe)

10 / 68 (Adware)

http://www.slow-download.com/download.php?version=1.1.5.26&campid=3687&instid[appname]=File381112 Downloader&instid[appsetupurl]=http://fastmediadownloads.com/download/Prompt-Downloader-1525601232.exe&instid[cmdline]=&instid[appimageurl]=http://.../logo.png&prefix=File381112 Downloader&instid[interrupted]=http://.../?cancel&ti1=1525601232&instid[thankyoupage]=http://.../?success (f23ebe58ee484df05966437a3ea1310e)

11 / 68 (Adware)

http://www.your-tsunami-file.net/allddT.html?myref=www.downloadthesefile.com&version=1.1.6.20&prefix=Download Game PC Lost Saga Offline terbaru 2014 Work&campid=9013&instid[appname]=Download Game PC Lost Saga Offline terbaru 2014 Work&instid[thankyoupage]=&instid[appsetupurl]=&instid[interrupted]=&instid[appimageurl]=http://s3.amazonaws.com/.../downloadall.png&AMt=1420462655767&AMh=7fn2b4gxIWmb09igS84d2Ie2zMXUjQgM3KAUfCzDKPbVydo5QZMSwcespsmVBC1AtdCH3iBb48loOaw3 (nfsworldfullversionforpcwindows7__6090_i1436927142_il1098895.exe)

1 / 68 (Adware)

http://www.slow-download.com/download.php?version=1.1.5.26&campid=3687&instid[appname]=Fun Run 2 Hack Downloader&instid[appsetupurl]=http://fastmediadownloads.com/download/Prompt-Downloader-1555541667.exe&instid[cmdline]=&instid[appimageurl]=http://.../logo.png&prefix=Fun Run 2 Hack Downloader&instid[interrupted]=http://.../?cancel&ti1=1555541667&instid[thankyoupage]=http://.../?success (2150a4f216f1240da24e81171d2e92c1)

10 / 68 (Adware)

http://download-cdn.com/direct/.../mediaplayer_setup.php?a=12355&s=0&t=1&fv=7 (heroes and generals hack october 2014 no survey no password__10967_i1436325746_il311680.exe)

10 / 68 (Adware)

http://fixdownloadz.com/4/download.php?i=37&soft_name=PSG Update&soft_version=2.57&soft_url=https://.../gws=57_445526Ps (heroes and generals hack october 2014 no survey no password__10967_i1436325746_il311680.exe)

10 / 68 (Adware)

http://myfreedownloadsnow.com/download_direct.php?id=1592&name=file381112 (heroes and generals hack october 2014 no survey no password__10967_i1436325746_il311680.exe)

Latest 30 of 122 download URLs

Distribution

The following websites host and distribute files published by EVROPLAST LLC.

free-updates2.pl

www.funniest-download.com

www.autojuly181-dm-download.biz

v3securedownload.com

www.loss-download.com

www.autojuly144-dm-download.biz

www.videotender.com

www.coneflower-download.com

www.funnier-download.com

www.freedirectdownload.ru

fixdownloadz.com

www.our-hurricane-file.net

suredownloadz.com

www.slow-download.com

hqhub.net

www.myplayerhd.net

www.your-tsunami-file.net

www-vanilla1.fb-hosting-apps.com

www.earthquake-file.com

www.slow-tsunami-file.com

download-cdn.com

v4download2.biz

letshareus.com

myfreedownloadsnow.com

bestmediadownloads.com

evodownload.com

download2184.mediafire.com

download.quadownload.com

v4download.com

bit.ly

30 of 31 domains

The following certificate is also signed by EVROPLAST LLC.

54306BD964BEDB84E36595E6748114EA (Nov 19, 2014 to Nov 20, 2015)

The following publishers (by Authenticode signature organization name) are related.

AMGRUP LLC

Banner LLC

Shetef Solutions & Consulting (1998) Ltd.

Unilogic Informatica Ltda ME

30 of 92 publishers

* Note, the details and description above are based on the code signing digital signature issued to EVROPLAST LLC by thawte, Inc. on December 22, 2014 with the serial number '3a189ec1963ab0505c115175c20cd893'.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.