home

Passion Fruit Tech

Publisher Information

Passion Fruit Tech is a software publisher located in Hod Hasharon, Israel*. The company is a primary distributor of unwanted software.
Authority:
COMODO CA Limited

Valid from:
7/20/2014 7:00:00 PM

Valid to:
7/21/2015 6:59:59 PM

Subject:
CN=Passion Fruit Tech, O=Passion Fruit Tech, STREET=Rakefet, L=Hod Hasharon, S=Israel, PostalCode=4520634, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
3505fc58261f9fa827a43371a3aaec54

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP, PUP.PassionFruitTech.P, PUP.PassionFruitTech.G, PUP.PassionFruitTech.I, PUP.PassionFruitTech.K, PUP.PassionFruitTech.J, PUP.PassionFruitTech.H, PUP.PassionFruitTech.L, PUP.Bitcocktail.PassionFruitTech (M), PUP.Bitcocktail.PassionF (M), PUP.Bitcocktail (M)
96.00%

Dr.Web
Adware.Shopper.816, Adware.Shopper.423, Adware.Vbates.12
18.00%

ESET NOD32
Win32/Toolbar.BitCocktail (variant)
16.00%

ESET NOD32
Win32/Toolbar.Perion.J potentially unwanted application, Win64/Toolbar.Perion.B potentially unwanted application
16.00%

Kaspersky
not-a-virus:Downloader.Win32.Agent, Trojan-Downloader.Win32.Agent
12.00%

Emsisoft Anti-Malware
Gen:Variant.Kazy.479159, Gen:Variant.Kazy.461155, Adware.PassionFruit
10.00%

Malwarebytes
PUP.Optional.SweetPacks.A
8.00%

avast!
Win64:Adware-gen [Adw], Win32:Adware-DAP [Adw]
8.00%

Baidu Antivirus
PUA.Win32.BitCocktail
6.00%

MicroWorld eScan
Gen:Variant.Kazy.479159, Gen:Variant.Kazy.461155, Adware.PassionFruit.A
6.00%

1 / 68      (Adware)
v-bates.exe (by Wajamu)  (e4ed2dad6bba9bd6458c799995124cd4)

1 / 68      (Adware)
v-bates.exe (by Wajamu)  (8f988282ba9a9b54da8819864a40e01f)

1 / 68      (Adware)
v-bates.exe (by Wajamu)  (5c9320ee940136a8565c94a3a3464200)

1 / 68      (Adware)
v-bates.exe  (962b02275e6fe24695617c4199d05703)

1 / 68      (Adware)
tmp0000000116b818d1abc5d1cd  (7757b57c71335f5962c2173d4143e2f5)

1 / 68      (Adware)
lbwnhk64.dll  (37d3f646b1128c7988fa418e9b786fbf)

1 / 68      (Adware)
lbnjct2.dll  (487990290b7c6ba79cc63dff6340d186)

1 / 68      (Adware)
extensionupdaterservice.exe  (b4e48fadd02f4e72eb73522765c002fd)

1 / 68      (Adware)
libwinhook.dll  (76b4398fd7958c79b7022dcf5725f2ab)

3 / 68      (Adware)
tmp0000000204d3456cbccb7133 (Notifications)  (8f3407eb5cb878b6d06fcfb575b5fef9)

5 / 68      (Adware)
tmp000000f01c9cb74c1fb966f6  (58b32052c33a584ef47384b8118a2f22)

1 / 68      (Adware)
installerhelper.dll  (37cfecf8bf6f9e83f411514e14ddb1f1)

1 / 68      (Adware)
extension64.dll  (bb44f98ff409c1ef44e181eadef1dfc8)

1 / 68      (Adware)
nmhclient.exe.vir  (ff051feaf13c8f4d3894a381a60e00c8)

1 / 68      (Adware)
installerhelper.dll.vir  (e324877b2735361173c836beae2c9410)

1 / 68      (Adware)
extension64.dll.vir  (5d50bed2df972bf626a6c8f97b511f38)

1 / 68      (Adware)
nmhclient.exe  (a0c1a40cea206115103f8c2d91c1d81d)

1 / 68      (Adware)
nmhclient.exe  (f37602447fd97124e3cfd2e1cbcc4600)

10 / 68    (Adware)
dgchrome.exe (dgchrome)  (cd3add425bf803fd661cbeee6a1eb19c)

18 / 68    (Adware)
casino.exe  (eae451558e672d3115be477c43749937)

1 / 68      (Adware)
installerhelper.dll  (e6ccd491029479d53113b9b56315af53)

6 / 68      (Adware)
extension64.dll  (deeacaea09bf6c6be4ba1ad3e7b44a8e)

2 / 68      (Adware)
v-bates.exe (by Wajamu)  (e1c7a8f4cca67ec355ead26a6aa9b382)

4 / 68      (Adware)
extension32.dll  (70c6d603f155c01a59b46fc13d2c4b54)

4 / 68      (Adware)
extensionupdaterservice.exe  (e0379a80666b1496273d11c91d9db05f)

2 / 68      (Adware)
installerhelper.dll  (94cafefb0342bb6efa707476e594e62b)

4 / 68      (Adware)
extension64.dll  (bea5367f819ce404380f2ff81519ca18)

3 / 68      (Adware)
extension32.dll  (04c0782af82366b8afe7ab7a7a57383d)

4 / 68      (Adware)
extensionupdaterservice.exe  (aa76ce6cf217569b79697f0d0b7dd336)

1 / 68      (Adware)
installerhelper.dll  (38cf8331452b6132a65661899d033ebc)

 
Latest 30 of 110 files

Downloads URLs for files signed by Passion Fruit Tech.

2 / 68      (Adware)
http://24b9c2b31b06c472fcca-681664e3535063ecf3a37aa4fc97770c.r32.cf5.rackcdn.com/prime/.../v-bates.exe  (9f17c0608283c759aee58bdbee2e8a75)

18 / 68    (Adware)
http://4588de65602251a77644-70eaad95d276c54a2feaa67d7824ba83.r7.cf5.rackcdn.com/.../casino.exe  (eae451558e672d3115be477c43749937)

2 / 68      (Adware)
http://51c6c8550bd356353964-b828609f4d7048c0fa1d5e05a2e63d98.r80.cf5.rackcdn.com/.../v-bates.exe  (9f17c0608283c759aee58bdbee2e8a75)

2 / 68      (Adware)
http://24b9c2b31b06c472fcca-681664e3535063ecf3a37aa4fc97770c.r32.cf5.rackcdn.com/prime/.../v-bates.exe  (e1c7a8f4cca67ec355ead26a6aa9b382)

2 / 68      (Adware)
http://51c6c8550bd356353964-b828609f4d7048c0fa1d5e05a2e63d98.r80.cf5.rackcdn.com/.../v-bates.exe  (e1c7a8f4cca67ec355ead26a6aa9b382)

The following websites host and distribute files published by Passion Fruit Tech.

24b9c2b31b06c472fcca-681664e3535063ecf3a37aa4fc97770c.r32.cf5.rackcdn.com

51c6c8550bd356353964-b828609f4d7048c0fa1d5e05a2e63d98.r80.cf5.rackcdn.com

4588de65602251a77644-70eaad95d276c54a2feaa67d7824ba83.r7.cf5.rackcdn.com

The following publishers (by Authenticode signature organization name) are related.

Wajamu

Somoto Israel

* Note, the details and description above are based on the code signing digital signature issued to Passion Fruit Tech by COMODO CA Limited on July 20, 2014 with the serial number '3505fc58261f9fa827a43371a3aaec54'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.