home

Korea Network Technology Co., Ltd

Publisher Information

Korea Network Technology Co., Ltd is a software developer located in Seongnam-si, Gyeonggi-Do in Korea*. The publisher primarily developes software that can be classified as adware. There is one additional code signing certificate issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
10/3/2013 9:00:00 AM

Valid to:
12/3/2014 8:59:59 AM

Subject:
CN="Korea Network Technology Co., Ltd", O="Korea Network Technology Co., Ltd", L=Seongnam-si, S=Gyeonggi-do, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
2ab67b7c76d88a5693c0c48e34da770b

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Bundler.SoftonicDownloader.KoreaNetworkTechnologyCo.I, PUP.KoreaNetworkTechnologyCo.L, Bundler.SoftonicDownloader.KoreaNetworkTechnologyCo.D, PUP.KoreaNet (M), PUP (M)
100.00%

Bkav FE
HW32.CDB, HW32.Packed
36.84%

Trend Micro House Call
TROJ_GEN.F47V0413, TROJ_GEN.R047H01DD14, TROJ_SPNV.03DF14, Suspicious_GEN.F47V1118, TROJ_GEN.R047H09KI14
36.84%

McAfee
RDN/Generic Downloader.x!kc, Trojan-FDFO!200B82FB5F87, Trojan-FDFO!44701E4C7B9F, generic!bg.ftt
31.58%

nProtect
Trojan/W32.KRFakeKMP.435360, Trojan/W32.KRFakeKMP.31904, Trojan/W32.KRFakeKMP.365248
26.32%

MicroWorld eScan
Trojan.GenericKD.1641283, Gen:Trojan.Heur.RP.EHX@aOEO6mpb, Gen:Variant.Symmi.6942, Gen:Trojan.Heur.PT.ey5@a83Ondp, Gen:Trojan.Heur.RP.!yXaaOjWOKf
26.32%

Bitdefender
Trojan.GenericKD.1641283, Gen:Trojan.Heur.RP.EHX@aOEO6mpb, Gen:Variant.Symmi.6942, Gen:Trojan.Heur.PT.ey5@a83Ondp, Gen:Trojan.Heur.RP.!yXaaOjWOKf
26.32%

Emsisoft Anti-Malware
Trojan.GenericKD.1641283, Gen:Trojan.Heur.RP.EHX@aOEO6mpb, Gen:Variant.Symmi.6942, Gen:Trojan.Heur.PT.ey5@a83Ondp, Gen:Trojan.Heur.RP.!yXaaOjWOKf
26.32%

G Data
Trojan.GenericKD.1641283, Gen:Trojan.Heur.RP.EHX@aOEO6mpb, Gen:Variant.Symmi.6942, Gen:Trojan.Heur.PT.ey5@a83Ondp, Gen:Trojan.Heur.RP.!yXaaOjWOKf
26.32%

Comodo Security
Application.Win32.Agent.SOFD, TrojWare.Win32.Amtar.KNB, TrojWare.Win32.Trojan.XPACK.Gen
26.32%

1 / 68      (PUP)
sdu1006.exe (STool)  (447abbe36ea837075dd36daffe1dc0c6)

1 / 68      (PUP)
lof_clientdownload.exe  (16016afb3587352a966464f8fec1daeb)

1 / 68      (PUP)
sdu1017.exe (STool)  (4ae8671b73539bf9098fc98dfef72781)

1 / 68      (PUP)
sdu1006.exe (STool)  (b39b8e08558368e120f17ced1314ff7e)

1 / 68      (PUP)
itu1022.exe (InsideTool)  (0619012da222e71c4a61e0652f9f0811)

1 / 68      (PUP)
ahnfgr.cpl  (073e10f6532875dbce30aab659d1e8bc)

1 / 68      (PUP)
ibu1002.exe (InbTool)  (045a32472ea4dc3d18a188e067f4eefc)

1 / 68      (PUP)
btu1002.exe (SbTool)  (d3b18ba6c2d374d80cb816b01c64bc90)

3 / 68      (PUP)
kuf2_ma_clientdownload.exe  (c493a6a117d2ea81b8d436798c60d25b)

11 / 68    (PUP)
svchosts.dat  (b8e00bcb880f2a9601861f1a911f89e3)

10 / 68    (PUP)
msi.dll  (3816ef010b554c86e46b71b39a22b759)

5 / 68      (PUP)
m.exe  (0a912a6c8568e8a3b9c937ce4c2a244d)

15 / 68    (PUP)
settime.exe  (44701e4c7b9f3a475152aacfb0a378f2)

3 / 68      (PUP)
msi.dll  (193523e6cc6e93df1ea822d9e6362ff6)

8 / 68      (PUP)
tmp8cfd.tmp  (a045fc52277ca50bf606d29edd9e7835)

8 / 68      (PUP)
m.exe  (200b82fb5f87d484922068f0560cf98f)

40 / 68    (Adware)
kmp.exe (Softonic Downloader by Softonic)  (ccd8bea487da0327af830ce702d459d7)

12 / 68    (PUP)
midimapbits.dll (Microsoft UpdateApps by Microsoft)  (ab6aa9ac9db87d8f2343f11ca84952d5)

6 / 68      (Adware)
kmp_3.2.0.0.exe (Softonic Downloader)  (29d1e1a9d5fc5b1355fa67e17fb08531)

Downloads URLs for files signed by Korea Network Technology Co., Ltd.

3 / 68      (PUP)
http://kuf2.mmog.asia/client?ac=fullclient  (kuf2_ma_clientdownload.exe)

The following websites host and distribute files published by Korea Network Technology Co., Ltd.

kuf2.mmog.asia

The following certificate is also signed by Korea Network Technology Co., Ltd.

5EFE630C3BF8B3880508986E0EDD9505  (Oct 26, 2012 to Oct 27, 2013)

* Note, the details and description above are based on the code signing digital signature issued to Korea Network Technology Co., Ltd by Thawte, Inc. on October 03, 2013 with the serial number '2ab67b7c76d88a5693c0c48e34da770b'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.