First Offer LTD is a brand of publishers/developers run by WebPick Internet Holdings Ltd. located in Ramat Ha'Chayal Tel Aviv, Israel. The company is a primary distributor of unwanted software. First Offer LTD is a developer of WebPick Internet Holdings and publishes a number of adware web browser plugins designed to monitor web browser behavior and inject advertisements (banner, popups, text-links, etc.) in the browser by using the WebPick InstalleRex monetization delivery platform. These programs from First Offer LTD are typiclaly installed on a variety of names and misspellings and are very difficult to remove. According to WebPick, they use developers to sign their adware in order to "throw off competitors". There is one additional code signing certificate issued to this publisher.
COMODO CA Limited
10/8/2013 2:00:00 AM
10/9/2014 1:59:59 AM
CN=First Offer LTD, O=First Offer LTD, STREET=Habarzel 21 Tel Aviv, L=Tel aviv, S=Israel, PostalCode=69710, C=IL
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB
Detections (88% detected)
Adware.WebPick.Installer.K, Adware.WebPick.Installer.J, PUP.Task.FirstOffer.W, PUP.Task.FirstOffer.O, PUP.BHO.FirstOffer.N, PUP.Toolbar.FirstOffer.I, PUP.FirstOffer.N, PUP.FirstOffer.I, PUP.ResignedInterop.FirstOffer.Z, Common.PUP.FirstOffer.BB, PUP.FirstOffer.O, PUP.FirstOffer.U, PUP.FirstOffer.J, PUP.Toolbar.FirstOffer.Q, PUP.Installer.FirstOffer.N, Common.PUP.FirstOffer.N, Common.PUP.FirstOffer.Q, PUP.FirstOffer.L, PUP.WebPick.FirstOffer.Bundler (M), Common.PartOf.PUP.WebPick.FirstOffer (M)
Win32:InstalleRex-BF [PUP], Win32:InstalleRex-AE [PUP], Win32:Installer-AP [PUP]
MalSign.Generic, MalSign.Skodna.Pick, Onefloorap
Adware.Downware.2108, Adware.Plugin.364, Trojan.WebPick.7388
Adware/InstallRex.V, TR/Trash.Gen, APPL/Downloader.Gen4
a variant of 1d2d3c2b82581af6772c2e48f31cc0830d8e00f5, a variant of 170e2669b8ff00e3c3d93ef2180843d429444b89, a variant of 625738d77ddd2bbed526e40acdd525f5c509139f
Downloads URLs for files signed by First Offer LTD.
The following websites host and distribute files published by First Offer LTD.
The following certificate is also signed by First Offer LTD.
The following publishers (by Authenticode signature organization name) are related.
* Note, the details and description above are based on the code signing digital signature issued to First Offer LTD by COMODO CA Limited on October 08, 2013 with the serial number '49900242461d96cb7b045be0a258338e'.