Goobzo LTD

Publisher Information

Goobzo LTD is a software publisher located in Haifa, Israel*. The company is a primary distributor of adware type software. Thre are 2 additional code signing certificates issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
5/2/2013 2:00:00 AM

Valid to:
5/3/2015 1:59:59 AM

Subject:
CN=Goobzo LTD, O=Goobzo LTD, L=Haifa, S=Israel, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
120b25dde57b88636ad4d97d23b99c88

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Goobzo, PUP.Goobzo.Installer, PUP.Goobzo.YTDownloader, PUP.Goobzo (M), PUP.Goobzo.Installer (M), Adware.Crossrider.Goobzo (M)
100.00%

VIPRE Antivirus
Goobzo, Threat.4792716, Crossrider
86.00%

AVG
ShopperPro, Skodna, MalSign.Skodna, Generic5, Crossrider
80.00%

ESET NOD32
Win32/SpeedBit.F potentially unwanted (variant), Win32/Packed.ScrambleWrapper, Win32/SpeedBit (variant), Win32/SBWatchman (variant)
72.00%

G Data
Gen:Variant.Strictor.75070, Win32.Application.Shopperpro, Win32.Application.GoobZo, Trojan.Generic.12815145, Gen:Variant.Strictor.62444
64.00%

Baidu Antivirus
Adware.Win32.Shopper, Adware.Win32.CrossAd, Adware.Win32.SpeedBit, Adware.Win32.CrossRider, PUA.Win64.Crossrider, PUA.Win32.SBWatchman
64.00%

Panda Antivirus
Adware/Goobzo, Generic Malware, Trj/Genetic.gen, Trj/Chgt.B, Generic Suspicious
64.00%

avast!
Win32:Malware-gen, Adware-CDO [PUP], Win32:Adware-CDO [PUP], Win32:GenMaliciousA-IGX [PUP], Win64:Adware-gen [Adw], Win32:Adware-gen [Adw]
62.00%

Sophos
Goobzo, AppRider, PUA 'Goobzo' (of type Adware), Generic PUA LE, Generic PUA ME, Generic PUA DG, Generic PUA BM, Generic PUA MC
60.00%

Kaspersky
not-a-virus:Downloader.NSIS.Agent, not-a-virus:WebToolbar.Win32.CrossRider, not-a-virus:AdWare.Win32.Shopper, not-a-virus:AdWare.NSIS.Adwapper
58.00%

32 / 68    (Adware)
ins_smk.exe  (13a10a7998b4a683c9e2af6b26615fa7)

14 / 68    (Adware)
spbiw.sys  (6d7648c4e401230cf3c32712ecccd199)

12 / 68    (Adware)
dc1_offer_3.exe  (bd3ae395f45802f510c0d74f6d178866)

27 / 68    (Adware)
iwebar-nova.dll  (ecb016b699855edc71a5429c31a5d7cc)

8 / 68      (Adware)
uninstall.exe  (1a2ab18863b2ac2378b3e4540ee2e408)

33 / 68    (Adware)
object browser-buttonutil64.exe (Object Browser)  (fb966d838c02d11a0275669355ff59a3)

1 / 68      (Adware)
object browser-buttonutil64.dll  (2f674dd7a099642c7d7a71904706a767)

1 / 68      (Adware)
iwebar.exe  (04c6b6c7a3e7298a89bfc52acfe614d6)

42 / 68    (Adware)
object browser-bho.dll (Object Browser)  (14908b8e6c1fbee432c22973a548fa41)

21 / 68    (Adware)

44 / 68    (Adware)
object browser-codedownloader.exe (Object Browser)  (ebdd074cfd8b8f00e4b77fe420f51a53)

39 / 68    (Adware)
object browser-nova.exe (Object Browser)  (8f6b850e8527968d94d3fa2cf44e1f0c)

8 / 68      (Adware)
sysmenu64.dll (by Goobzo)  (c397c88a38553c37e11ddbac9ed5b853)

34 / 68    (Adware)
SysMenu.dll (by Goobzo)  (3337c95fa855278f47b4274f89a4f0aa)

31 / 68    (Adware)
YTDownloader.exe (YTDownloader)  (6a04005f6d0041b9d6c39d291f4fd4ac)

25 / 68    (Adware)
dcytdiegut_gutdc_setup.exe  (34cd4cae6055463f43c8ebbaa0f2477a)

1 / 68      (Adware)
yta.exe (by Goobzo)  (b933b69109a479a9a15a7b361f0c5349)

22 / 68    (Adware)
setup.exe (YTDownloader by Goobzo.com)  (d630f033fa45a117792e76409334817a)

33 / 68    (Adware)
object browser-buttonutil64.exe (Object Browser)  (bdee387c25340489b60c21bbb04e22af)

1 / 68      (Adware)
object browser-buttonutil64.dll  (224a9f660287a6116d17b023c9c53a94)

22 / 68    (Adware)
dcytaiesmt_smtyc_setup.exe  (009f651459d64c42f3872cb0c592b194)

24 / 68    (Adware)
dcytdieamo_amodc_setup.exe  (ea7a7464816663894971869285de59a0)

12 / 68    (Adware)
shopperpro.exe  (7e3d5cd3a5b03b9b9a18c71bbab22cb1)

32 / 68    (Adware)
dcytdownloader.exe  (5fb3cd353705c006c51fb1b9a5ef3100)

19 / 68    (Adware)
setup.exe  (31c1478a27fbcbb06256e2c9112d86c0)

25 / 68    (Adware)
downloadapi.dll (DownloadAPI by YTDownloader)  (869d01c03df83785fd648acbe80f1f4e)

22 / 68    (Adware)

40 / 68    (Adware)
smi32.exe (SBInject Application)  (09de924402af0556815d806baaa93c30)

30 / 68    (Adware)
jsdrv.sys (JsDriver)  (8ca634debf65981eedd95b772d220888)

25 / 68    (Adware)
setup.exe (Shopper-Pro)  (b6bed06b7f116bcb8a126dabf75f7ad6)

 
Latest 30 of 9,491 files

The certificates below are also signed by Goobzo LTD.

3C3E526E4FC7FCA9432F2BC6F34C86A5  (Feb 03, 2015 to May 05, 2016)

540C0079991671CE32CA3B11FAC12CD6  (Mar 05, 2014 to Mar 06, 2015)

The following publishers (by Authenticode signature organization name) are related.

30 of 35 publishers

Detection Incidence by Country
* Note, the details and description above are based on the code signing digital signature issued to Goobzo LTD by Thawte, Inc. on May 02, 2013 with the serial number '120b25dde57b88636ad4d97d23b99c88'.