» MY POP SHOP LTD
Digital Signature
Analysis
Files (39)
Downloads (4)
Domains (1)
Distribution (4)
Related (43)

MY POP SHOP LTD

Publisher Information

MY POP SHOP LTD is a software developer located in HERZLIYA, Israel*. The company is a primary distributor of unwanted software. Thre are 3 additional code signing certificates issued to this publisher.

Authority:

COMODO CA Limited

Valid from:

7/21/2014 9:00:00 PM

Valid to:

7/22/2015 8:59:59 PM

Subject:

CN=MY POP SHOP LTD, O=MY POP SHOP LTD, STREET=14 Shenkar Arie, L=HERZLIYA, S=NA, PostalCode=46725, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

35094c1df20178f98b53d36de3005002

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.MYPOPSHOP.I, PUP.MYPOPSHOP.J, PUP.MYPOPSHOP.W, PUP.Resoft.MYPOPSHOP, PUP.MYPOPSHOP.K, PUP.MYPOPSHOP.G, PUP.MYPOPSHOP.P, PUP.Resoft.MYPOPSHOP (M), PUP.Resoft.MYPOPSHO (M), PUP.Resoft.MYPOPSHO.Installer (M), PUP.Resoft (M)

100.00%

AVG

Mypopshop, Generic5, Win32/Slugin.A

46.15%

VIPRE Antivirus

Threat.4729122, Trojan.Win32.Generic, Threat.4314870, Adware.Linkury

20.51%

Trend Micro House Call

ADW_LINKURY, PE_WPLUG.A, Suspicious_GEN.F47V0906, Suspicious_GEN.F47V0613, Suspicious_GEN.F47V0827, Suspicious_GEN.F47V0917

20.51%

NANO AntiVirus

Riskware.Win32.Linkury.dcvwxz, Virus.Win32.Slugin.ddowbn

17.95%

Kaspersky

Packed.Win32.Krap, not-a-virus:AdWare.MSIL.PennyBee, Virus.Win32.Slugin, not-a-virus:AdWare.Win32.Agent, not-a-virus:AdWare.Win64.PennyBee

17.95%

Avira AntiVirus

TR/Trash.Gen, APPL/Linkury.G.2, W32/Slugin.A, APPL/Linkury.B, TR/Linkury.H

17.95%

G Data

Adware.Smartbar, Win32.SlugIn, Adware.PUQP, Adware.Linkury, Win32.Trojan.Agent.JBC3MA

17.95%

Emsisoft Anti-Malware

Adware.Smartbar.O, Win32.SlugIn, Adware.PUQP, Adware.Linkury

15.38%

MicroWorld eScan

Adware.Smartbar.O, Win32.SlugIn.A, Adware.PUQP, Adware.Linkury.B

15.38%

1 / 68 (Adware)

310714_y3.exe (15ff77936e31237612a321bca08ace34)

1 / 68 (Adware)

tmp00000001623fdcb64287e542 (d8dbd2156e1ef16262918ad7d1874657)

1 / 68 (Adware)

tmp0000000208ed25c5af86fd08 (d3b5d37b0320c6a56d3070b7598aa7dc)

1 / 68 (Adware)

tmp000000047c25aa1785a73da8 (823d6f21bcd3116771c7824274c527dd)

1 / 68 (Adware)

tmp00000004eecbbf33b47f9434 (PennyBee) (66a1e0de3b6502706f4f182afbb3db54)

1 / 68 (Adware)

dealplyinstallerhelper.dll (85d70caab2321d1feb6bed0e61857584)

1 / 68 (Adware)

g3gmupj85nzoipiv_y3.exe (PennyBee) (5cb351f620fd46a024a0cd886c385ca5)

1 / 68 (Adware)

pm.exe (PennyBee) (8fee0b894b76c9ffa0b2043743bbf4dc)

1 / 68 (Adware)

tmp00000001687035f05670c0da (d57de42f9f42521fbc61065fb694f5de)

1 / 68 (Adware)

tmp0000000135a8b4a822b457c8 (a13b79b4ff399a8d819d185a9f2c3578)

1 / 68 (Adware)

y3n7o0ffkrbj_y3.exe (PennyBee) (ebfad7de6f727611f1dc657145b66844)

1 / 68 (Adware)

tmp000000025c253fbb6bf79773 (e1e17584e44bf722020c886f6c253ada)

4 / 68 (Adware)

tmp00000001af58e4ec2d1edd79 (631e9a80481c4d91afc615752235599d)

1 / 68 (Adware)

dr5vkokoonnihbdxau1lw9qhw1xdr5vkokoonnihbdxau1lw9qhw1x_y3.exe (1039b0c797dea9285433a285e2c59cba)

1 / 68 (Adware)

pm.exe (PennyBee) (1dbf9c7705b576c550059f8c2d995ea5)

1 / 68 (Adware)

tmp00000001dfe2c03f76392e24 (e5d6e5ee8dfda7281fd5e8b400fd3699)

1 / 68 (Adware)

tmp00000003da9b3336397dc633 (8dd2b70e099c2c085ba03f4a9796c4e8)

1 / 68 (Adware)

trza748.tmp (9b9df0a1aa4fad28d73fd6b95bb377e0)

1 / 68 (Adware)

tmp00000048d2102a56b4607dc1 (e7dabe8fbfe86eef1ba76e49923c71b6)

3 / 68 (Adware)

ntdis_64.dll (82590e8f127d6453781922bf11b6b8f4)

5 / 68 (Adware)

ntdis_32.dll (8d737a4e07fbbc10f2b15880752ceffb)

2 / 68 (Adware)

ntdisie_32.dll (0e621a88e1d56670cfb575b2b7649474)

2 / 68 (Adware)

smia64.exe (Smartbar.Monetization.InjectApp) (78938c018944e64d389c53f8f9a40fc3)

14 / 68 (Adware)

dealplyinstallerhelper.dll (997d81b0ca72aac18f966081ce130247)

8 / 68 (Adware)

OfferBoulevardW.exe (PennyBee) (ad7120e00c0aea09d5b24832db907a75)

13 / 68 (Adware)

offerblvd.exe (Offer Boulevard) (ce4a1accca325f719acd6a8a3af5b13c)

10 / 68 (Adware)

ntdis_64.dll (992d646b646938cf10709a01463580d5)

3 / 68 (Adware)

ntdis_32.dll (ae7cf8180a8c79070ececc62a03aabde)

2 / 68 (Adware)

ntdisie_32.dll (dd079142668931767804c78be7c9e5d9)

2 / 68 (Adware)

smia64.exe (Smartbar.Monetization.InjectApp) (88b00dd09428df107b890eec24702b52)

Latest 30 of 39 files

Downloads URLs for files signed by MY POP SHOP LTD.

22 / 68 (Adware)

http://2ndrequest.me/.../310714_y3.exe (6f67e1b655f1eeada317bb65207d3827)

22 / 68 (Adware)

http://www.hakoonportal.net/.../310714_y3.exe (6f67e1b655f1eeada317bb65207d3827)

22 / 68 (Adware)

http://www.2ndrequest.me/.../310714_y3.exe (6f67e1b655f1eeada317bb65207d3827)

13 / 68 (Adware)

http://dm930xmxv1gqs.cloudfront.net/bundles/.../offerBLVD.exe (ce4a1accca325f719acd6a8a3af5b13c)

Domains

Top-level domains owned by MY POP SHOP LTD.

shopop.me

Distribution

The following websites host and distribute files published by MY POP SHOP LTD.

www.hakoonportal.net

2ndrequest.me

www.2ndrequest.me

dm930xmxv1gqs.cloudfront.net

The certificates below are also signed by MY POP SHOP LTD.

00958B06B6A7C969725A449A396AFA1FDB (Nov 18, 2013 to Nov 19, 2015)

00B739C4F756EE55FB750952CE570BE48B (Jul 22, 2014 to Jul 23, 2015)

4A7D93FD75281A37A4ADCDCD636D3ADB (Jul 07, 2014 to Jul 08, 2015)

The following publishers (by Authenticode signature organization name) are related.

MIDIA TECHNOLOGIES LLC

30 of 43 publishers

* Note, the details and description above are based on the code signing digital signature issued to MY POP SHOP LTD by COMODO CA Limited on July 21, 2014 with the serial number '35094c1df20178f98b53d36de3005002'.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.