LLC Mail.Ru

Publisher Information

LLC Mail.Ru is a software developer located in Moscow, Russia*. Thre are 10 additional code signing certificates issued to this publisher.
Remove LLC Mail.Ru Malware - Powered by Reason Core Security
Authority:
Thawte, Inc.

Valid from:
1/14/2014 3:00:00 AM

Valid to:
3/15/2016 2:59:59 AM

Subject:
CN=LLC Mail.Ru, O=LLC Mail.Ru, L=Moscow, S=Moscow, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
391be08ad60c2810187d12419bf289d9

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Win32.Generic
100.00%

Sophos
RsMall
22.00%

AVG
MalSign.Generic
20.00%

VIPRE Antivirus
Trojan.Win32.Generic!SB.0
18.00%

Avira AntiVirus
APPL/LoadMoney.O.2
18.00%

Antiy Labs AVL
Worm/Win32.VB
18.00%

Kingsoft AntiVirus
Win32.TrojDownloader.Agent.yn.(kcloud)
18.00%

Trend Micro House Call
TROJ_GEN.F47V0428, TROJ_GEN.F47V0205
4.00%

Rising Antivirus
PE:Trojan.RuMail!1.6574
4.00%

McAfee
Artemis!15145398473E, Artemis!1F5841A47362
4.00%

1 / 68      (Malware)
ask_fm_i_like_automatic.exe  (6fee6386b974c067c165a66fe5ffa7d5)

1 / 68      (Malware)
za_ruku_derji.exe  (bf84bce41ebc5bf11e03072ba5c75d1b)

1 / 68      (Malware)
tolko.exe  (2997057f525bd4ecc2b80594cd0a9b38)

1 / 68      (Malware)
razluka.exe  (c5f70e68db335e2e77c6f3c15f09d8d1)

1 / 68      (Malware)
one_day.exe  (02a2547a69a7eb5c337c3f9f049ed291)

1 / 68      (Malware)
one_day.exe  (2ac1320efd4e1efa938211004301a2b1)

1 / 68      (Malware)
naydu.exe  (74540daaa4e0f30bdf6e5533d9b99ed0)

1 / 68      (Malware)
muzyka_lyubvi.exe  (3ca64d14273c243c4f99d61d7d2706b9)

1 / 68      (Malware)
muzyka_lyubvi.exe  (d4e3b99b15eb1fdea881228fa60c13ff)

1 / 68      (Malware)
muzyka_lyubvi.exe  (b3398daf1f150211a348345d5baf8d8a)

1 / 68      (Malware)
muzyka_lyubvi.exe  (0b2afa095db357eabbe5a4ff0798d713)

1 / 68      (Malware)
muzyka_lyubvi.exe  (4deb676696976dea56e90f95137fc5d4)

1 / 68      (Malware)
jenskaya_vesna.exe  (5f961c4d5ca9c084f4a830027d350a86)

1 / 68      (Malware)
jenskaya_vesna.exe  (e35026d5035737ce938c80e8ac3cbf7c)

1 / 68      (Malware)
jenskaya_vesna.exe  (e8b26bb1cb24a35929751d5e49b3e891)

1 / 68      (Malware)
jenskaya_vesna.exe  (0e763e672de01c5fdfe07e98d20d99b8)

1 / 68      (Malware)
jenskaya_vesna.exe  (65a9f3f8e657ecea5093da0a7493f28d)

1 / 68      (Malware)
jenskaya_vesna.exe  (ef24245a47863c4628a87894cd7f3fba)

1 / 68      (Malware)

7 / 68      (PUP)
magentsetup.exe (by Mail.Ru)  (64d664a6a4d4e368a536ea30de0c95df)

7 / 68      (PUP)
magent_rfrtoken_1079.exe (by Mail.Ru)  (777dad83aa90b3c6ccc738504b0c35ed)

7 / 68      (PUP)
magentsetup.exe (by Mail.Ru)  (ce2fe7009c3f1da240fd5f8e72e497a8)

1 / 68      (Malware)
pwloaderm.exe (GameCenter@Mail.Ru by LLC Mail.Ru)  (b54fef1f82c01f570d6f087f476a9832)

7 / 68      (Malware)
spt_tmp_n.exe (MailRuSputnik)  (770e496dda3b26a15a4e81b9ecf76a10)

1 / 68      (Malware)
magent_rfrtoken_1150.exe (by Mail.Ru)  (d3551a43ace41cedf54138662f233875)

7 / 68      (Malware)
mailruhomesearch.exe (MailRuSputnik)  (e0f8de763fc6dcedf99c8099e8c3273c)

7 / 68      (PUP)
magentsetup.exe (by Mail.Ru)  (b2c143616e6d485db84bcabdff4bfbdd)

1 / 68      (Malware)
skypesetup.exe  (100c06f0518dee554527476c06be0794)

1 / 68      (Malware)
skypesetup.exe  (12b2e2cdb5982f9d52d7f379684ebce8)

1 / 68      (Malware)
skypesetup.exe  (45fbaeab131217edcf17e7751320a5c9)

 
Latest 30 of 391 files

Downloads URLs for files signed by LLC Mail.Ru.

7 / 68      (PUP)
http://rfr.agent.mail.ru/magent_rfr1151.exe  (ff5399bc72f852d1c70b3b98edd84c73)

The certificates below are also signed by LLC Mail.Ru.

A1AC1F0525FC5E904E0C263610190BDA  (Oct 14, 2015 to Jan 01, 2040)

2019877A933D8E2E71548EA4AB4827F1  (Aug 06, 2015 to Oct 05, 2017)

10F4D809B7AA340870993C0042347814  (Aug 06, 2015 to Oct 05, 2017)

07D04895757AB4AD4797D7585C09F8EE  (Aug 13, 2014 to Aug 13, 2016)

3C484F9655CF5CDDA51678E773A55BF3  (Aug 19, 2014 to Aug 13, 2016)

4064B704BBD70C3D1B5A2DDA4F5ECB66  (Jan 28, 2015 to Apr 29, 2016)

169A089D186F350CBB6B5EC62D8A59AB  (Aug 20, 2014 to Aug 21, 2015)

7BB5DEC99F34595AADEB59E1E5A0BD73  (Mar 19, 2014 to Mar 20, 2015)

1C09DBBC732D4B58F7A88EBACF323417  (Dec 08, 2011 to Feb 06, 2014)

18187BCC2DAF1EDD44A2F454900EC5DC  (Jan 10, 2010 to Jan 11, 2012)

10 of 10 code signing certificates issued

Remove LLC Mail.Ru Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to LLC Mail.Ru by Thawte, Inc. on January 14, 2014 with the serial number '391be08ad60c2810187d12419bf289d9'.