» NOS
Digital Signature
Files (29)
Downloads (13)
Distribution (2)
Related (723)

NOS

Publisher Information

NOS is a software developer located in Lisboa, Portugal*.

Authority:

NOS

Valid from:

6/20/2015 11:41:20 AM

Valid to:

6/20/2025 11:41:20 AM

Subject:

E=noreply@nos.pt, CN=www.nos.pt, O=NOS, L=Lisboa, S=Lisboa, C=PT

Issuer:

E=noreply@nos.pt, CN=www.nos.pt, O=NOS, L=Lisboa, S=Lisboa, C=PT

Serial number:

00d1546373fc3b466d

Status:

Inconclusive detections from multiple engines

Scan engine

Details

Detections

Qihoo 360 Security

HEUR/QVM03.0.Malware.Gen, Win32/Backdoor.b44, Win32/Trojan.c1c, Win32/Trojan.bd4, Win32/Trojan.Dropper.787

58.82%

avast!

Win32:Malware-gen, MSIL:Banker-CF [Trj], Win32:Banker-MAY [Trj], MSIL:Banker-BM [Trj], MSIL:Banker-EF [Trj], MSIL:Banker-BE [Trj]

58.82%

ESET NOD32

MSIL/TrojanDownloader.Banload.DZ, MSIL/TrojanDownloader.Small.XM, MSIL/TrojanDownloader.Banload.DZ (variant), MSIL/Injector.KPI (variant)

47.06%

AhnLab V3 Security

Trojan/Win32.Dynamer, Malware/Win32.Generic

47.06%

Dr.Web

Trojan.DownLoad3.37774, Trojan.PWS.Multi.1730, Trojan.DownLoader14.37204, Trojan.Bankfraud.2852

47.06%

Microsoft Security Essentials

TrojanDownloader:MSIL/Limao.A, Threat.Undefined, Trojan:Win32/Dynamer!ac, Trojan:MSIL/Toauta!rfn, VirTool:MSIL/Obfuscator.BW

47.06%

Avira AntiVirus

TR/Banload.aiogra.152, TR/Dldr.Agent.196656, TR/Injector.130096, TR/Dropper.MSIL.70746, TR/Injector.254512, TR/Dldr.Agent.208944, TR/Banload.aiogra.46

41.18%

Fortinet FortiGate

MSIL/Small.XM!tr.dldr, MSIL/Banload.DZ!tr.dldr, W32/Androm.HLHQ!tr.bdr, W32/Androm.HMBX!tr.bdr, W32/Androm.HKKP!tr.bdr, MSIL/Injector.KHB!tr

41.18%

McAfee

RDN/PWS-Banker!dy, RDN/Generic Downloader.x, Trojan.Artemis!9D532D956C22, RDN/Generic.dx!d2w, Trojan.Artemis!47AEC9FD2115

41.18%

Sophos

Mal/Generic-S

35.29%

2 / 68 (inconclusive)

35bmfgke40.exe (3fe43d834c93f5264222c9b84154c520)

0 / 68

pendencias.exe (44bfa05b75f23097428ab80ec83b2179)

3 / 68 (inconclusive)

flashplayer18.exe (3a0882cb1de2fa1388e28654b64aadb7)

32 / 68 (Malware)

adobe-flash-player.exe (0fca44940efa9c214583246a742ad3e8)

33 / 68 (Malware)

boleto_2via_vencido_pdf.exe (50c8d4a1457b26990b63796108afe7eb)

0 / 68

sandisk.exe (xblm) (5817aa83f21e8e08eacb1cb4a9c16634)

0 / 68

hdg95crcg1er.exe (e44986400151056a251e8f7b6ea9c2fc)

8 / 68 (Malware)

minecraftpremiumhack.exe (47aec9fd2115362df16ad27e46a2921c)

0 / 68

testp.exe (9f3a356c26d0c9a5ae3b6177ab90cb3f)

0 / 68

dreamx.exe (09528c67fcbc90e720ece1045f22afab)

17 / 68 (Malware)

1550 (4c5069b44dde8f819ad56fbf86aa5518)

0 / 68

sandisk.exe (xblm) (86b33193e153875cfc946c33bab2f896)

2 / 68 (inconclusive)

flashplayer18.exe (9d532d956c2252f562c00a75bcd8135d)

1 / 68 (inconclusive)

flashplayer18.exe (20b4fd4e7ac135d8160ed9cabe300dea)

0 / 68

flashplayer18.exe (bf1df45c15486f371d94ea01a51ddb87)

0 / 68

dreamx.exe (0518e376d8ad22bbe16b3d5e8d25453e)

16 / 68 (Malware)

rthreaege.exe (a927d09c2503c9a2f3a642007e9f90c3)

18 / 68 (Malware)

twunk_16.exe (6db2838fce067674ee7865476ba2952f)

0 / 68

dreamx.exe (b233e18f21df0db3297bf89a83caf44c)

5 / 68 (Malware)

sysmon.exe (67e01b46e42e4bb38f82493681e44dfb)

0 / 68

dreamx.exe (fc46e31980fbdbf9c6d516468f7d548e)

27 / 68 (Malware)

flashplayer17.exe (90dea499e0e04ceb63a0e2edec2ed7e9)

0 / 68

dreamx.exe (Synt) (00c20303325ad94d5e9ee8715581f6da)

3 / 68 (inconclusive)

flashplayer18.exe (022c1809f73f9a34ee787b9cfd6c2ce5)

0 / 68

flashplayer18.exe (0c9c3e8a203d383b2ccb559a8854e543)

2 / 68 (inconclusive)

flashplayer18.exe (f5626c5280c8e381f104958c6d4776bb)

1 / 68

flashplayer19.exe (86e1ab20f726f279671a8981ff34bf8c)

2 / 68

flashplayer18.exe (6d4d96f05a2b3f8fc337e0ab258d401c)

2 / 68 (inconclusive)

flashplayer17.exe (40bd6df27a1a1a1ece8c77c6d3a7a250)

Downloads URLs for files signed by NOS.

2 / 68 (inconclusive)

https://docs.google.com/uc?authuser=0&id=0B_NWrvhUFHQzSW00dWI1Ri0yeTA&export=download (flashplayer17.exe)

2 / 68 (inconclusive)

https://docs.google.com/uc?authuser=0&id=0B_NWrvhUFHQzMHFBN2s1YWlwMTg&export=download (flashplayer18.exe)

2 / 68

https://docs.google.com/uc?authuser=0&id=0B-esjd0txkTRcWgtbTQ5cDRwbWc&export=download (flashplayer18.exe)

2 / 68 (inconclusive)

https://docs.google.com/uc?authuser=0&id=0B-esjd0txkTRUTRMdWxyX2ozeTQ&export=download (flashplayer17.exe)

0 / 68

https://docs.google.com/uc?authuser=0&id=0B-esjd0txkTRcWQ4WTMyVDhMMDA&export=download (flashplayer18.exe)

2 / 68

https://docs.google.com/uc?authuser=0&id=0B_NWrvhUFHQzb2puU3ViYWZDb1U&export=download (flashplayer18.exe)

3 / 68 (inconclusive)

https://docs.google.com/uc?authuser=0&id=0B-esjd0txkTRUDNFYnhpRG5kS0U&export=download (flashplayer18.exe)

2 / 68 (inconclusive)

https://docs.google.com/uc?authuser=0&id=0B_NWrvhUFHQzU1d2YW12aVRweW8&export=download (flashplayer18.exe)

2 / 68 (inconclusive)

https://docs.google.com/uc?authuser=0&id=0B-esjd0txkTRRjFjVjVPemNJM3M&export=download (flashplayer18.exe)

0 / 68

https://docs.google.com/uc?authuser=0&id=0B_NWrvhUFHQzQWlNLU84T0VDQWM&export=download (flashplayer18.exe)

27 / 68 (Malware)

https://downloader.disk.yandex.com/disk/ffe5d3148593a8a165f4c9012e8edcc5c12beac672516d3a685dd7d096fbb007/55886444/.../x-msdownload&fsize=196656&hid=7b1bf303defc32264447168f6af4f809&media_type=executable&tknv=v2 (90dea499e0e04ceb63a0e2edec2ed7e9)

2 / 68 (inconclusive)

https://docs.google.com/uc?authuser=0&id=0B-esjd0txkTRVHBRR0pkUlZkRjg&export=download (flashplayer18.exe)

1 / 68

https://docs.google.com/uc?authuser=0&id=0B-esjd0txkTRbXN0WFpMQ2o5czQ&export=download (flashplayer19.exe)

Distribution

The following websites host and distribute files published by NOS.

downloader.disk.yandex.com

docs.google.com

The following publishers (by Authenticode signature organization name) are related.

TEKHNOLODZHI SISTEM, OOO

30 of 723 publishers

* Note, the details and description above are based on the code signing digital signature issued to NOS by NOS on June 20, 2015 with the serial number '00d1546373fc3b466d'.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.