Kapa

Publisher Information

Kapa is a software publisher located in Caimen, Ilsend in the United States*.

Authority:
getaCert - www.getacert.com

Valid from:
4/12/2015 10:19:44 AM

Valid to:
6/11/2015 10:19:44 AM

Subject:
E=support@msdkk.com, CN=Wonderwall, OU=Deilm, O=Kapa, L=Caimen, S=Ilsend, C=US

Issuer:
O=getaCert - www.getacert.com, L=Seattle, S=Washington, C=US

Serial number:
0e8e

Scanner detections:
Malware distribution  (86% detected)

Scan engine
Details
Detections

avast!
Win32:Broban-AR [Trj]
100.00%

Emsisoft Anti-Malware
Trojan.GenericKD.2293356, Trojan.GenericKD.2295841, Trojan.GenericKD.2300354, Trojan.GenericKD.2298055, Gen:Variant.Barys.52025
100.00%

MicroWorld eScan
Trojan.GenericKD.2293356, Trojan.GenericKD.2295841, Trojan.GenericKD.2300354, Trojan.GenericKD.2298055, Trojan.GenericKD.2301880
83.33%

nProtect
Trojan.GenericKD.2293356, Trojan.GenericKD.2295841, Trojan.GenericKD.2300354, Trojan.GenericKD.2298055, Trojan.GenericKD.2301880
83.33%

McAfee
RDN/Generic.dx!dpz, RDN/Generic.dx!dqt, RDN/Generic.dx!dqd, RDN/PWS-Banker!dw, Artemis!527C5EB61A02
83.33%

K7 AntiVirus
Trojan
83.33%

NANO AntiVirus
Trojan.Win32.DownLoader12.dqmscq, Trojan.Win32.Inject.dqyfzx, Trojan.Win32.Kryptik.dqtdmj, Trojan.Win32.Banload.dqmscs, Trojan.Win32.Steam.dqqhap
83.33%

ESET NOD32
Win32/TrojanDownloader.Banload.VSA, MSIL/Kryptik.BRU (variant)
83.33%

Trend Micro House Call
TROJ_BROBAN.LOD, TROJ_BROBAN.SMLO, TROJ_GEN.R015B01DN15
83.33%

Kaspersky
Trojan.MSIL.Inject, Trojan.MSIL.Kryptik, Trojan-Downloader.MSIL.Banload
83.33%

0 / 68
chrome.exe (kWeqWCjw)  (eb1fdce8fa624a2a63cbdfb51f5a4484)

26 / 68    (Malware)
img_16042015.scr.exe (SJxlmFto)  (527c5eb61a02294c82a9e57e2e90cfa1)

4 / 68      (Malware)
funds transfer details.exe (OYiITdyN)  (f6147862c1d467541ec5ef10d08ed599)

30 / 68    (Malware)
infracaodetran.exe (mCxhtjyD)  (8579fa2e2e6dbffd1a793dd4a996a553)

37 / 68    (Malware)
não confirmado 385818.crdownload (YDtwlqfn)  (2773d04f78218200c9cfeae2411318c1)

26 / 68    (PUP)
image14042015.scr (pSYKJkCk)  (097734173486e1c25303d44c6e938716)

37 / 68    (Malware)
contratoassinar.exe (grVfkdDH)  (4f266ee3109d8332d3810fae51865220)

Download URLs for files signed by Kapa.

30 / 68    (Malware)
https://storage.googleapis.com/.../InfracaoDetran.exe  (8579fa2e2e6dbffd1a793dd4a996a553)

37 / 68    (Malware)
https://storage.googleapis.com/.../ContratoAssinar.exe  (4f266ee3109d8332d3810fae51865220)

37 / 68    (Malware)
https://storage.googleapis.com/.../ContratoAssinar.exe  (4f266ee3109d8332d3810fae51865220)

* Note, the details and description above are based on the code signing digital signature issued to Kapa by getaCert - www.getacert.com on April 12, 2015 with the serial number '0e8e'.