Koyote-Lab Inc.

Publisher Information

Koyote-Lab Inc. is a software developer located in Panama City, Panama*. The publisher primarily developes software that can be classified as adware. Thre are 3 additional code signing certificates issued to this publisher.
Remove Koyote-Lab Inc. Malware - Powered by Reason Core Security
Authority:
Thawte, Inc.

Valid from:
12/5/2013 3:00:00 AM

Valid to:
2/22/2016 2:59:59 AM

Subject:
CN=Koyote-Lab Inc., OU=DEV, O=Koyote-Lab Inc., L=Panama City, S=Panama, C=PA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
6dc36cf26d6f48fbedf0a4f4506380d0

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.APN.Bandoo (M), PUP.Bandoo.KoyoteLab (M), PUP.Bandoo.KoyoteLab.Installer (M)
100.00%

AVG
Koyote, SearchSuite, Potentially harmful program Toolbar.SearchSuite, Win32/Zbot.G
50.00%

G Data
Win32.Application.Searchsuite, Win32.Application.KoyoteLab
46.00%

ESET NOD32
probably Win32/Toolbar.SearchSuite.Q potentially unwanted application, Detection.Undefined, Win32/Soffer.A potentially unwanted application
44.00%

McAfee
SearchSuite, Artemis!CFE1A5F69A1D
34.00%

K7 AntiVirus
Unwanted-Program , Virus
34.00%

K7 Gateway Antivirus
Unwanted-Program , Virus
34.00%

McAfee Web Gateway
SearchSuite, Artemis!CFE1A5F69A1D
34.00%

Sophos
SearchSuite, Generic PUA EG
32.00%

IKARUS anti.virus
PUA.Toolbar.SearchSuite, AdWare.Visicom, PUP.Toolbar
30.00%

25 / 68    (PUP)
pack.exe (7-Zip by Igor Pavlov)  (0879b8918755b61cbff10c773a2ab3fc)

15 / 68    (PUP)
mediabar.exe (7-Zip by Igor Pavlov)  (227d28fa158352fe5f20a3f1a8bf0e61)

1 / 68      (PUP)
starter.exe  (cfc8e2f1fc0d9b346059767597ff2165)

1 / 68      (Adware)
del_dm_ll_nsk8a2b.dll  (adab682030e361bdd1251ef7072357a6)

1 / 68      (Adware)
del_mg_nsk8a2b.dll  (6171cc53dd34aa95fa1d83c2117fb927)

1 / 68      (Adware)
del_dm_dll_nsk8a2b.dll (Data Manager by Koyote-Lab)  (2966be2456d5618ffefdf2ba57633e9b)

1 / 68      (Adware)
del_dm_ll_nsidefc.dll  (89d9598a546bac742ed2c190032e8d93)

1 / 68      (Adware)
del_dm_ll_nsidefc.dll  (5825202868368e18e51989dde2cbf6ef)

42 / 68    (PUP)
pack.exe (7-Zip by Igor Pavlov)  (f5223ddda0446a5b0636a0ed3ae58d91)

15 / 68    (PUP)
mediabar.exe (7-Zip by Igor Pavlov)  (2f0c24c5aa0854d349ae3918e40957fd)

3 / 68      (PUP)
ffextension.exe (7-Zip by Igor Pavlov)  (e6d37e2f08843b8c27a8e40e6b034605)

1 / 68      (PUP)
starter.exe  (ab3c37079ce6e29cd76bb77a20236587)

1 / 68      (Adware)
helper.dll  (588ef5ff4171707403cab2b8e5d9757a)

16 / 68    (PUP)
soffer.dll (TODO: <Product name> by TODO: <Company name>)  (0ac28f0d7dba4f3dbe1cc162df0f6720)

25 / 68    (PUP)
pack.exe (7-Zip by Igor Pavlov)  (0870d7a5797d7fcb1a6887bd6d8aa6c2)

15 / 68    (PUP)
mediabar.exe (7-Zip by Igor Pavlov)  (c20e080f7d13e726048febc4ed3a0645)

1 / 68      (PUP)
uninstall.exe (Free FLV Converter by Koyote-Lab Inc)  (b5d7f13c233a1b6b74d0922a529431fd)

15 / 68    (PUP)
mediabar.exe (7-Zip by Igor Pavlov)  (1d48f4e107212e60c022e6cfe4022e1b)

3 / 68      (PUP)
ffextension.exe (7-Zip by Igor Pavlov)  (a6bc665d29d43bdbb01b99d7a9a95a1b)

1 / 68      (PUP)
starter.exe  (b67ffe486208bd44d615d235c2793e0f)

1 / 68      (Adware)
helper.dll  (44f578e4b2307d3ab167e5b073e69452)

1 / 68      (PUP)
starter.exe  (e9086dcb8f8b3687f611d89c8c27d483)

1 / 68      (Adware)
del_mg_nsw4677.dll  (978669284d1862ee8e61b02d60dbfd7a)

10 / 68    (PUP)
datamngrhlpff9.dll (Data Manager by Koyote-Lab)  (468e61f7c312cfcebc07611a6aeaf39e)

10 / 68    (PUP)
datamngrhlpff8.dll (Data Manager by Koyote-Lab)  (cbd4d75239c696b8cb45d107811c63f7)

9 / 68      (PUP)
datamngrhlpff7.dll (Data Manager by Koyote-Lab)  (f57e389ba1e357af52ff316a6c971595)

4 / 68      (PUP)
datamngrhlpff6.dll (Data Manager by Koyote-Lab)  (752e2472b52c2c002fec709e7e54c3ab)

10 / 68    (PUP)
datamngrhlpff5.dll (Data Manager by Koyote-Lab)  (15376b3b5ae053e7c890f58354fe575d)

10 / 68    (PUP)
datamngrhlpff4.dll (Data Manager by Koyote-Lab)  (b787f049dbf8a3347b6b1583b94b8086)

10 / 68    (PUP)
datamngrhlpff25.dll (Data Manager by Koyote-Lab)  (8ae6716f7f09c4e3a76610a63cd3434f)

 
Latest 30 of 470 files

The certificates below are also signed by Koyote-Lab Inc..

05787E08EB7454E434F666A81F251A2D  (Feb 12, 2014 to Feb 22, 2016)

5D8843D240CE142A4D70B9208C8B2B7D  (Oct 26, 2015 to Feb 21, 2016)

7AD16C59E384A2E3D38D2287483F9B2B  (Feb 22, 2012 to Feb 21, 2014)

The following publishers (by Authenticode signature organization name) are related.

Remove Koyote-Lab Inc. Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Koyote-Lab Inc. by Thawte, Inc. on December 05, 2013 with the serial number '6dc36cf26d6f48fbedf0a4f4506380d0'.