FIRSERIA, S.L.

Publisher Information

FIRSERIA, S.L. is a software publisher located in Badalona, Barcelona in Spain*. The company is a primary distributor of adware type software. Firseria (Solimba Aplicaciones S.L.) based on Spain is a company that runs various download portals including winportal.com and descargargratis.com which are designed as download sites that distribute legitimate 'Free Downloads', however they use a custom download manager (DownloadMR) to package bundled offers with each installation "Additionally, the download manager offers the optional installation of a toolbar.". These offeres include adware, toolbars and various other potential unwanted software. There is one additional code signing certificate issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
7/23/2013 8:00:00 PM

Valid to:
7/24/2014 7:59:59 PM

Subject:
CN="FIRSERIA, S.L.", OU=IT, O="FIRSERIA, S.L.", L=Badalona, S=Barcelona, C=ES

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
73c4780fac0cd497b0778732fb8af673

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.FIRSERIASL.U, PUP.Installer.FIRSERIASL.Y, PUP.FIRSERIASL.N, PUP.FIRSERIASL.I, PUP.Installer.FIRSERIASL.F, PUP.Installer.FIRSERIASL.Q, PUP.Installer.FIRSERIASL.N, PUP.Installer.FIRSERIASL.R, PUP.FIRSERIASL.Q, PUP.Installer.FIRSERIASL.S, PUP.FIRSERIASL.Z, PUP.FIRSERIASL.V, PUP.Installer.FIRSERIASL.b, PUP.FIRSERIASL.W, PUP.Installer.FIRSERIASL.a, PUP.Installer.FIRSERIASL.DD, PUP.FIRSERIASL.F, PUP.FIRSERIASL.M, PUP.Installer.FIRSERIASL.I, PUP.FIRSERIASL.J, PUP.Installer.FIRSERIASL.V, PUP.FIRSERIASL.P, PUP.FIRSERIASL.L, PUP.FIRSERIASL.R, PUP.Installer.FIRSERIASL.O, PUP.Installer.FIRSERIASL.g
100.00%

Dr.Web
Trojan.MulDrop5.4401, Adware.Downware.1424, Adware.Downware.1433, Trojan.DownLoader10.9253, Trojan.DownLoader10.62400, Trojan.DownLoader10.14117
98.00%

Kaspersky
not-a-virus:Downloader.Win32.Firser, not-a-virus:Downloader.Win32.Morstar
98.00%

VIPRE Antivirus
Threat.4150696, Threat.4895151, DownloadMR, Threat.4782980, Trojan.Win32.Generic
96.00%

Avira AntiVirus
TR/Crypt.ULPM.Gen, TR/Dropper.Gen, APPL/Firseria.Gen, TR/Crypt.XPACK.Gen, APPL/Firseria.A.3, Adware/Fiseria.A
96.00%

Malwarebytes
PUP.Optional.BundleInstaller.A, PUP.Optional.Solimba.mr, PUP.Optional.Firseria, PUP.Optional.Firser.A, PUP.Optional.FirSeriaInstaller
96.00%

Rising Antivirus
PE:PUF.FirseriaInstaller@CV!1.9C54, PE:PUF.FirseriaInstaller@CV!1.5C42, PE:Trojan.Win32.Generic.170006F8!385877752
96.00%

Sophos
Solimba Installer
96.00%

Comodo Security
Application.Win32.Solimba.J, TrojWare.Win32.Trojan.Obfuscated.~EN
96.00%

Vba32 AntiVirus
Downware.Morstar, Downloader.Firser, Downloader.Morstar, Signed-Downware.Morstar.FIRSERIA
96.00%

6 / 68      (Adware)
{cf209eea-7900-434a-9f97-5af6cae46320} (by Firseria)  (735f56125b6733e0f2641591f127d37a)

33 / 68    (Adware)
google chrome.exe (by Firseria·s·l·)  (a3466e83f5190bbd95562b6159b15590)

32 / 68    (Adware)
utorrent.exe (by Frserira s·l·)  (a94a3c1005f9fc885bb9aa398becf681)

29 / 68    (Adware)
bpm studio pro.exe (by Firseria)  (7994e4a551b93598a04aa45fffc9312d)

33 / 68    (Adware)
microsoft visio.exe (by Firseria·s·l·)  (db2e640c17344077f223e81cb0af309e)

33 / 68    (Adware)
adobe digital editions.exe (by Rapiddown)  (eda304d39f26fab2c0fcb111689f4068)

38 / 68    (Adware)
utorrent.exe (by Firseria·s·l·)  (730825fb03070f1a103ba2641ef898de)

31 / 68    (Adware)
ammyy admin.exe (by Frsera·sl)  (ef7bd5b09af0ab70ebcf2b6f0edef802)

15 / 68    (Adware)
unconfirmed 79182.crdownload (by F¡rser¡a s·l·)  (a2d7d8e912006a4aa4532270bc9d9cc4)

33 / 68    (Adware)
quick heal total security.exe (by Firseria·s·l·)  (21cbbc1fdd4141ae19c3ab0260c9d2b2)

33 / 68    (Adware)
avs_media_player.exe (by F¡rser¡a s·l·)  (fa453423269de21897d479ee840c20a9)

34 / 68    (Adware)
file_downloader.exe (by Firseria·s·l·)  (a76b1ec6f4c1dc38e3e75610e06dfe88)

33 / 68    (Adware)
file_downloader.exe (by Firseria·s·l·)  (d956ec6aa5dd378ab23cee607c2ce295)

1 / 68      (Adware)
eset nod32 antivirus.exe.215472.gzquar (by ·Firseria·)  (2bfc764c7296c3a91689c507f59a7400)

30 / 68    (Adware)
microsoft office 2010.exe (by ·Firseria·)  (09cdd8c3946c5a8105b4caed04d7e619)

37 / 68    (Adware)
microsoft office 2010.exe (by Firseria·s·l·)  (04182e16c124044ca6ed13cdff9313fa)

37 / 68    (Adware)
irfanview.exe (by Firseria·s·l·)  (e2c20d8f102bf3d58e75ef424a94b4d2)

29 / 68    (Adware)
microsoft office 2010.exe (by Firseria)  (669d6c074477c3d5d1d08f785d7b7d14)

30 / 68    (Adware)
microsoft office 2010.exe (by Firseria)  (ec88394d416317e632ae690c6d58cff2)

30 / 68    (Adware)
microsoft office 2010.exe (by Firseria)  (a7387061a65183a865970a7b9f13897c)

28 / 68    (Adware)
flv_media_player.exe (by Frserira s·l·)  (3bad16524ed068777e5f95ec6f099c74)

28 / 68    (Adware)
ccleaner.exe (by Firseria)  (c4a9fd6aa02c11691c792bc9cac5a9a3)

33 / 68    (Adware)
flv_media_player.exe (by F¡rser¡a s·l·)  (963845316078f0b7785e1892fabfcc19)

38 / 68    (Adware)
adobe reader.exe (by Firseria·s·l·)  (d5746817de9299f9426706abc422d938)

30 / 68    (Adware)
powerdvd.exe (by Firseria)  (8475627d0f152e62a91fada0c4b26b55)

33 / 68    (Adware)
avast! free antivirus.exe (by Frserira s·l·)  (90ccedb10ef8c76c04736626cda4c05d)

34 / 68    (Adware)
skype.exe (by Frserira s·l·)  (9859d28a7b3f5446e264e8b0000029a2)

32 / 68    (Adware)
microsoft security essentials.exe (by Firser)  (b9a34bfc409835c98014ff60b46eed85)

39 / 68    (Adware)
flv_media_player.exe (by Frserira s·l·)  (03f3d32a2c3c4a2def13ac0549624e35)

30 / 68    (Adware)
spybot search & destroy.exe (by Firseria)  (748ebfe1911cecab29bcb40c492df5e3)

 
Latest 30 of 915 files

Downloads URLs for files signed by FIRSERIA, S.L..

38 / 68    (Adware)
http://dl01.facdmr.com/n/.../uTorrent.exe  (730825fb03070f1a103ba2641ef898de)

30 / 68    (Adware)

33 / 68    (Adware)
http://dl.downf468.com/n/.../Avast! Free Antivirus.exe  (90ccedb10ef8c76c04736626cda4c05d)

34 / 68    (Adware)
http://dl.downf468.com/n/.../Skype.exe  (9859d28a7b3f5446e264e8b0000029a2)

39 / 68    (Adware)
http://dl.downf468.com/n/3.0.25/.../FLV_Media_Player.exe  (03f3d32a2c3c4a2def13ac0549624e35)

30 / 68    (Adware)

34 / 68    (Adware)
http://dl01.fabdmr.com/n/.../FLV_Media_Player.exe  (a233f404677299b5d658b09a2b2ff635)

31 / 68    (Adware)

31 / 68    (Adware)

Top-level domains owned by FIRSERIA, S.L..

The following websites host and distribute files published by FIRSERIA, S.L..

The following certificate is also signed by FIRSERIA, S.L..

7658ACC15B33D93ABD5A967181DEF901  (Jul 24, 2014 to Jul 23, 2016)

The following publishers (by Authenticode signature organization name) are related.

Detection Incidence by Country
* Note, the details and description above are based on the code signing digital signature issued to FIRSERIA, S.L. by Thawte, Inc. on July 23, 2013 with the serial number '73c4780fac0cd497b0778732fb8af673'.