Pokki

Publisher Information

Pokki is a software developer located in San Diego, California in the United States*. Thre are 2 additional code signing certificates issued to this publisher.
Authority:
VeriSign, Inc.

Valid from:
4/25/2011 8:00:00 PM

Valid to:
4/25/2012 7:59:59 PM

Subject:
CN=Pokki, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Pokki, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1bcdd0bbe1c67f61e5879491ce2acb69

Scanner detections:
Malware distribution  (76% detected)

Scan engine
Details
Detections

Reason Heuristics
Win64.Generic.Pokki.Meta, Win32.Generic.Pokki.Installer.Meta, Win32.Generic.Pokki.Meta, PUP.SweetLabs.Pokki.Installer (L), PUP.SweetLabs.Pokki.Updater (L), PUP.OpenCandy (M), PUP.OPenCandy (M)
100.00%

Jiangmin
TrojanSpy.Zbot.aphv, Trojan/Agent.ivyx
5.26%

Trend Micro House Call
TROJ_GEN.F47V0318
2.63%

Clam AntiVirus
Win.Trojan.Agent-209308
2.63%

Kingsoft AntiVirus
Win32.Troj.Agent.tf.(kcloud)
2.63%

0 / 68
pokki.exe (Pokki)  (ecb5d59fdc4db5f8d096766b4d59ed9d)

0 / 68
pokki.exe (Pokki)  (12f95a4d6c78abaf989d33741e325cf6)

1 / 68      (PUP)
___ocnsis.dll (ocnsis Dynamic Link Library by Pokki)  (6d66361ef7209bcc7934b16468f140b3)

1 / 68      (Malware)

0 / 68
pokki.exe (Pokki)  (2f8f49e97e14a78841a3d6aca9bcdfe4)

0 / 68
pokki.exe (Pokki)  (f09217cf1ec6427630a63256515384d2)

1 / 68      (Malware)
ocdeskband_0.dll (ocdeskband Dynamic Link Library)  (50c531d48f7f0587591c21e71ba146a5)

1 / 68      (PUP)
pokkiInstaller.exe (Pokki Installer by Pokki)  (c500120a73ff8969e39cad1b13251826)

1 / 68      (PUP)

0 / 68
Pokki_TweekiSetup.exe (Tweeki for Pokki by Pokki)  (fb0ee92b38f916bb5bcafc58d8ce4497)

1 / 68      (PUP)
Pokki_EdgeworldSetup.exe (Edgeworld for Pokki by Pokki)  (b31e3b349cc717a09559e658c2453721)

1 / 68      (Malware)
ocexdll.dll (Pokki Explorer Hook DLL)  (3dba7bc7c0a2516e9664e5d07a495424)

1 / 68      (PUP)
Pokki_eBaySetup.exe (eBay for Pokki by Pokki)  (1368c43397fe00ebce51a6f454455f90)

1 / 68      (PUP)
Pokki_EdgeworldSetup.exe (Edgeworld for Pokki by Pokki)  (868c32e16a3c88ae38bd7be6605e2668)

1 / 68      (PUP)
Pokki_GmailSetup.exe (Gmail for Pokki by Pokki)  (e8d1ce89dbb630a0a55f93270bd42007)

1 / 68      (Malware)
ocexdll.dll (Pokki Explorer Hook DLL)  (59c23d9c24d9b0968a96f523fb1eeda0)

0 / 68
pokki.exe (Pokki)  (d01407a2b43d12454645a8b079666b48)

0 / 68

1 / 68      (PUP)
___ocnsis64.dll (ocnsis Dynamic Link Library by Pokki)  (34ec1ac324817db5aecbb7066b87f0cc)

1 / 68      (PUP)
pokkiupdater.exe (Pokki Updater by SweetLabs,Inc)  (3d642fbb82d66b34d8779f2a03c297b9)

1 / 68      (PUP)

0 / 68
tmpa801.exe (Pokki Download Helper by Pokki)  (81cd5521830f4d51cc52341477c23fd2)

1 / 68      (PUP)
pokki_tubbisetup-1.exe (Tubbi for Pokki by Pokki)  (d85b128033881957cbc3cbfa65436351)

0 / 68
pokki.exe (Pokki)  (ff74dd4381cab57276455d8aa5f473a3)

1 / 68      (Malware)
ocdeskband_0.dll (ocdeskband Dynamic Link Library)  (e026f0791acb78818de33118e94f10f1)

1 / 68      (PUP)
pweather-en-win.exe (pWeather for Pokki by Pokki)  (38f6acbb1d4b12f4529da0cd397a9ba1)

1 / 68      (Malware)
oct15f3.tmp.exe  (50a577c4f734ba894c4a305088a80aa4)

1 / 68      (Malware)
ocnsis.dll (ocnsis Dynamic Link Library by Pokki)  (573a44da0fb5d44088c2099831930371)

1 / 68      (PUP)
Pokki_GmailSetup.exe (Gmail for Pokki by Pokki)  (d631ba6e621ec98f174982c074d79eb7)

0 / 68
pokki.exe (Pokki)  (d41c58f340a27244151eeef55bb89dc9)

 
Latest 30 of 102 files

Downloads URLs for files signed by Pokki.

2 / 68      (Malware)

1 / 68      (PUP)
http://cdn.pokki.com/.../Pokki_EdgeworldSetup.exe  (b31e3b349cc717a09559e658c2453721)

2 / 68      (Malware)
http://cdn.pokki.com/.../Pokki_Little_AlchemySetup.exe  (ead68c2363a95e38b67c4dbec693d2ce)

1 / 68      (Malware)
http://cdn.pokki.com/.../Pokki_FacebookSetup.exe  (216e211f962349bbb5480bbd0e28d370)

The following websites host and distribute files published by Pokki.

The certificates below are also signed by Pokki.

0895BFAF55A6DC53921FCDFF971124BD  (Apr 19, 2015 to May 19, 2017)

7F0C02A0B2F2B0727327296C8736183B  (Feb 27, 2012 to Apr 25, 2015)

The following publishers (by Authenticode signature organization name) are related.

* Note, the details and description above are based on the code signing digital signature issued to Pokki by VeriSign, Inc. on April 25, 2011 with the serial number '1bcdd0bbe1c67f61e5879491ce2acb69'.