Guangxi Nanning Shengtaian E-commerce Development Co., Ltd.

Publisher Information

Guangxi Nanning Shengtaian E-commerce Development Co., Ltd. is a software developer located in Nanning, Guangxi in China*. Thre are 3 additional code signing certificates issued to this publisher.
Authority:
WoSign eCommerce Services Limited

Valid from:
7/17/2012 12:23:57 AM

Valid to:
7/19/2013 10:21:38 AM

Subject:
E=kefu@shengtaian.com, CN="Guangxi Nanning Shengtaian E-commerce Development Co., Ltd.", O="Guangxi Nanning Shengtaian E-commerce Development Co., Ltd.", L=Nanning, S=Guangxi, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
1bb133dcefad95

Status:
Inconclusive detections from multiple engines

Scan engine
Details
Detections

Dr.Web
Trojan.PWS.Banker1.9119, DLOADER.Trojan, Trojan.DownLoader9.17981, Trojan.PWS.Banker1.11834
57.14%

Comodo Security
Virus.Win32.Virut.CE, ApplicUnwnt.Win32.AdWare.Agent.~SM, ApplicUnwnt.Win32.AdWare.Agent.~SML, UnclassifiedMalware
42.86%

Malwarebytes
Trojan.Downloader.Small, Trojan.Downloader.Delf
35.71%

Trend Micro House Call
ADW_SETAPP, TROJ_GEN.F47V0318, TROJ_GEN.R0CBH01H913, TROJ_GEN.F47V0330
35.71%

McAfee
Artemis!87A55CA5C9A1, Artemis!5BD7D1D2A428, Artemis!7D289FE46E78, Artemis!3AFF4228C46D, Artemis!9A129EEE0A4C
35.71%

McAfee Web Gateway
Artemis!87A55CA5C9A1, Artemis!5BD7D1D2A428, Artemis!7D289FE46E78, Artemis!3AFF4228C46D, Artemis!9A129EEE0A4C
35.71%

IKARUS anti.virus
Trojan.SuspectCRC, Trojan-GameThief.Win32.Lmir, Trojan.Win32.Genome
35.71%

AhnLab V3 Security
Win-Trojan/Malpacked5.Gen, PUP/Win32.StartPage
35.71%

Bkav FE
HW32.CDB, HW32.Packed
28.57%

MicroWorld eScan
Trojan.Generic.9612330, Gen:Variant.Strictor.34583, Trojan.Win32.StartPage.bbhl
21.43%

2 / 68
wjnews.exe (by Sta)  (014c1db611c8852a47a906ab57cfe29d)

3 / 68      (PUP)
setup_open_131.exe (by Sta)  (d12f6917f6a426439669755a811714f8)

7 / 68      (Malware)
爽片播放器_7.exe  (9a129eee0a4c23ba68d2fad98bebf4f0)

14 / 68    (PUP)
setup_13.exe  (3aff4228c46da2a9a9d0af4ec942d3d6)

1 / 68
wjnewsuninstall.exe  (3ad83dc973da67d76b59a70674dd899c)

4 / 68      (inconclusive)
wjnews.exe (by Sta)  (e50cbdaeb510d01741ad70adcc7393da)

0 / 68
duilib.dll  (4b66c3b7f546371b37c0c9826dbf37f5)

0 / 68
playerupdate.exe  (319f8ee7956f7805138e179353f7b3da)

6 / 68      (Malware)
ekanplayer.exe (by Sta)  (761977c916583fbbb587801f2b8c5324)

0 / 68
zqnews.exe (by Sta)  (4d83a81966fecd87779f6bcd0cfe8203)

14 / 68    (Malware)
setup_53.exe  (7d289fe46e780573706772590c09f2fa)

6 / 68      (PUP)
setup_open_318.exe (by Sta)  (cffd5dfd79e5e7b821ec887150bd14dc)

2 / 68
wjnewsuninstall.exe  (4f08343c39829c75eae4744242625d69)

4 / 68
wjnews.exe (by Sta)  (7ff0a0b9cc3b9d7c2f0e1ba86470a94b)

7 / 68      (PUP)
setup_open_188.exe (by Sta)  (5bd7d1d2a428c27394acf2609d387cb6)

4 / 68      (inconclusive)
wjacc.exe (by Sta)  (4be28c652c03dc0265b916b1992dbe4d)

16 / 68    (PUP)
setup_open_267.exe (by Sta)  (87a55ca5c9a12ad258f964b84ae4a740)

Downloads URLs for files signed by Guangxi Nanning Shengtaian E-commerce Development Co., Ltd..

16 / 68    (PUP)
http://cnrdn.com/huj5  (setup_open_267.exe)

16 / 68    (PUP)
http://download.wuji.com/wuji/.../setup_open_3078.exe  (87a55ca5c9a12ad258f964b84ae4a740)

The following websites host and distribute files published by Guangxi Nanning Shengtaian E-commerce Development Co., Ltd..

The certificates below are also signed by Guangxi Nanning Shengtaian E-commerce Development Co., Ltd..

04071FA1A0BC9E  (Apr 09, 2013 to Apr 12, 2016)

1BE23EE2C85B88  (Jun 03, 2013 to Jul 06, 2014)

039E5E3EE7A9AB  (Jun 02, 2013 to Jul 06, 2014)

The following publishers (by Authenticode signature organization name) are related.

* Note, the details and description above are based on the code signing digital signature issued to Guangxi Nanning Shengtaian E-commerce Development Co., Ltd. by WoSign eCommerce Services Limited on July 17, 2012 with the serial number '1bb133dcefad95'.