home

KoreaMediaLab Co.,Ltd

Publisher Information

KoreaMediaLab Co.,Ltd is a software developer located in Gangnam-gu, Seoul in Korea*. The publisher primarily developes software that can be classified as adware. There is one additional code signing certificate issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
6/24/2014 9:00:00 AM

Valid to:
6/25/2015 8:59:59 AM

Subject:
CN="KoreaMediaLab Co.,Ltd", O="KoreaMediaLab Co.,Ltd", L=Gangnam-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
22ff221eee3921fb5ad4751545e33d41

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.KoreaMediaLabCoLtd.L, PUP.Installer.KoreaMediaLabCoLtd.U, PUP.Startup.KoreaMediaLabCoLtd.L, PUP.Installer.KoreaMediaLabCoLtd.Q, PUP.KoreaMediaLab.Installer (M), PUP.KoreaMed.Installer (M), PUP (M)
100.00%

Trend Micro House Call
Suspicious_GEN.F47V0626, Suspicious_GEN.F47V0711, Suspicious_GEN.F47V0813, Suspicious_GEN.F47V0708, Suspicious_GEN.F47V1028, Suspicious_GEN.F47V1105, TROJ_GEN.R02SH05AD15
30.77%

AhnLab V3 Security
PUP/Win32.MediaLab, PUP/Win32.MediaUpdate
30.77%

Dr.Web
DLOADER.Trojan
26.92%

McAfee
Artemis!5E9F9DD8B917, Artemis!376B0797F062, Artemis!B3A7BC3FEAB4, Artemis!D60F4D1D6514, Artemis!8F82C1394862, Artemis!DCD38FAB5A61
26.92%

VIPRE Antivirus
Trojan.Win32.Generic!SB.0
19.23%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
19.23%

SUPERAntiSpyware
Trojan.Agent/Gen-Agent
15.38%

avast!
Win32:Malware-gen
7.69%

Clam AntiVirus
Win.Adware.Agent-7725
3.85%

1 / 68      (PUP)
mediaupdatesetup.ca.exe (MediaUpdate by KoreaMediaLab Co.,Ltd)  (6df4e124bc549be939febe3238712f12)

1 / 68      (PUP)
~tmp_file_010.exe (OffManager by KoreaMediaLab Co.,Ltd)  (598f1a7ca06f623ec81d5e3a50df1398)

1 / 68      (PUP)
offmanager.exe (OffTimer by KoreaMediaLab Co.,Ltd)  (f62e5955ef57c0142a97381fb0279c2e)

1 / 68      (PUP)
MediaUpdateSetup.exe (MediaUpdate by KoreaMediaLab Co.,Ltd)  (507c16ab4d850c219777ab7789573ef5)

1 / 68      (PUP)
MediaUpdate.exe (Media Update by KoreaMediaLab Co.,Ltd)  (4f5c0ef3715334a3da9aca4b82a5f2c3)

1 / 68      (PUP)
offmanagersetup.da.12.exe (OffManager by KoreaMediaLab Co.,Ltd)  (d0f8af2b055c9b2b38b82d7ada400665)

1 / 68      (PUP)
mediaupdatesetup.aa.09.exe (MediaUpdate by KoreaMediaLab Co.,Ltd)  (9cd6125073f7191fbb98f96ed0f9cd02)

1 / 68      (PUP)
mediaupdatesetup.aa.05.exe (MediaUpdate by KoreaMediaLab Co.,Ltd)  (51be18d775e8a21768bf34052363dd6b)

1 / 68      (PUP)
offmanagersetup.da.03.exe (OffManager by KoreaMediaLab Co.,Ltd)  (22a9c4d24f79672240278617d60aa535)

1 / 68      (PUP)
MediaUpdateSetup.exe (MediaUpdate by KoreaMediaLab Co.,Ltd)  (cec86630d76acd9a614d5e243f1fdee6)

9 / 68      (PUP)
MediaUpdateSetup.exe (MediaUpdate by KoreaMediaLab Co.,Ltd)  (dcd38fab5a61537d87270c9433dcee31)

3 / 68      (PUP)
offmanagersetup.da.11.exe (OffManager by KoreaMediaLab Co.,Ltd)  (453abe5f60493b927a71f9ad56dbe170)

1 / 68      (PUP)
mediaupdatesetup.exe (OffManager by KoreaMediaLab Co.,Ltd)  (08eaecb3d8fede9ce58d1db41913a41a)

3 / 68      (PUP)
MediaUpdate.exe (MediaUpdate by KoreaMediaLab Co.,Ltd)  (c2237d9dddd15672a13a43c7a171c408)

1 / 68      (PUP)
mediaupdatesetup.ba.exe (Media_Update by KoreaMediaLab Co.,Ltd)  (ca67d823d9163eb3f1fba3c38ff630d0)

3 / 68      (PUP)
offmanagersetup.da.09.exe (OffManager by KoreaMediaLab Co.,Ltd)  (8f82c13948621bc3906a3b478a37853a)

2 / 68      (PUP)
offmanagersetup.da.02.exe (OffManager by KoreaMediaLab Co.,Ltd)  (886f384dbaee7ba696b0e5a116bd9271)

2 / 68      (PUP)
OffManager.exe (OffManager by KoreaMediaLab Co.,Ltd)  (2c8be8d92fb74f7a85807cfe17aef6fb)

2 / 68      (PUP)
offmanagersetup.da.09.exe (OffManager by KoreaMediaLab Co.,Ltd)  (bb66209a78631cdd0d1faa348a5724dd)

2 / 68      (PUP)
offmanagersetup.da.10.exe (OffManager by KoreaMediaLab Co.,Ltd)  (cdf415d5bffe0f0fc456982b544214d9)

2 / 68      (PUP)
offmanagersetup.da.02.exe (OffManager by KoreaMediaLab Co.,Ltd)  (6dda43a3ccec68589325522a6175d394)

8 / 68      (PUP)
MediaUpdateSetup.exe (MediaUpdate by KoreaMediaLab Co.,Ltd)  (d60f4d1d651423afe23aa7b24722ed73)

5 / 68      (PUP)
MediaUpdate.exe (MediaUpdate by KoreaMediaLab Co.,Ltd)  (b3a7bc3feab4bb0cb818bb60e3650266)

8 / 68      (PUP)
mediaupdatesetup.aa.03.exe (MediaUpdate by KoreaMediaLab Co.,Ltd)  (376b0797f062cc6e6b06609587bc1e19)

8 / 68      (PUP)
mediaupdatesetup.aa.02.exe (MediaUpdate by KoreaMediaLab Co.,Ltd)  (af6128619febfa0f9053a47573febce4)

6 / 68      (PUP)
MediaUpdate.exe (MediaUpdate by KoreaMediaLab Co.,Ltd)  (5e9f9dd8b917c60f97138a68a36ba141)

Downloads URLs for files signed by KoreaMediaLab Co.,Ltd.

2 / 68      (PUP)
http://update.mediaupdate.co.kr/.../OffManagerSetup.DA.02.exe  (6dda43a3ccec68589325522a6175d394)

The following websites host and distribute files published by KoreaMediaLab Co.,Ltd.

update.mediaupdate.co.kr

The following certificate is also signed by KoreaMediaLab Co.,Ltd.

7A984C70ECAE425D8D47CD96DDC838  (Jun 12, 2015 to Jul 12, 2017)

* Note, the details and description above are based on the code signing digital signature issued to KoreaMediaLab Co.,Ltd by Thawte, Inc. on June 24, 2014 with the serial number '22ff221eee3921fb5ad4751545e33d41'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.