» Red Sky Sp. z o.o.
Digital Signature
Analysis
Files (102)
Downloads (5)
Distribution (2)
Related (11)

Red Sky Sp. z o.o.

Publisher Information

Red Sky Sp. z o.o. is a software publisher located in Szczecin, Zachodniopomorskie in Poland*. Software developed by Red Sky Sp. z o.o. has been typically classified as potentially unwanted software. Thre are 3 additional code signing certificates issued to this publisher.

Authority:

COMODO CA Limited

Valid from:

3/28/2014 12:00:00 AM

Valid to:

3/28/2015 11:59:59 PM

Subject:

CN=Red Sky Sp. z o.o., OU=Red Sky, O=Red Sky Sp. z o.o., POBox=71-064, STREET=Aleja Piastow 22, L=Szczecin, S=zachodniopomorskie, PostalCode=71-064, C=PL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00af74ae06e658887c8b6b42539f3fa758

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Optional.RedSkySpzoo.T, PUP.Optional.RedSkySpzoo.O, PUP.Optional.Service.L, PUP.Optional.RedSkySpzoo.K, PUP.Optional.RedSkySpzoo.R, PUP.Optional.RedSkySpzoo.U, PUP.Optional.RedSkySpzoo.M, PUP.Optional.RedSkySpzoo.S, PUP.Optional.RedSkySpzoo.AA, PUP.Optional.RedSkySpzoo.H, PUP.Optional.RedSkySpzoo.J, PUP.Optional.RedSkySpzoo.P, PUP.Optional.RedSkySpzoo.L, Win32.Generic.RedSkySpzoo.Meta, Win64.Generic

100.00%

Comodo Security

ApplicUnwnt

10.00%

ESET NOD32

Win32/AdWare.ObronaAds.A application, Win32/Adware.ObronaAds.B application

8.00%

ESET NOD32

Win32/Adware.ObronaAds (variant)

8.00%

Trend Micro House Call

Suspici.389644AA, Suspicious_GEN.F47V1127, Suspici.5025EB53

6.00%

F-Prot

W32/SelfStarterInternetTrojan!M

6.00%

IKARUS anti.virus

PUA.ObronaAds

6.00%

VIPRE Antivirus

Threat.4150696

4.00%

F-Secure

Adware.PUQW, Adware.BrowseFox.BQ

4.00%

Sophos

PUA 'Obrona Ads' (of type Adware)

4.00%

1 / 68 (PUP)

obronablockads.exe (Obrona Block Ads by RedSky Sp. z o.o) (3b810345470aa106538ff29233cec335)

1 / 68 (PUP)

sasaservice.exe (e80b1ae930c7358cd431cc4a3fa6bbb5)

1 / 68 (PUP)

wow_helper.exe (da63354408f927ee4df15a9de6447f90)

1 / 68 (PUP)

app_host.exe (Diglo by Diglo) (0339b0619a1c7f3c99b69bc58b23a97a)

1 / 68 (PUP)

obastenessupdate.exe (12404a37a4d063be7af2efbb27f9a4af)

1 / 68 (PUP)

clickandgetsetup.exe (27d619ce84e885f39ddf49047e620520)

1 / 68 (PUP)

obronablockads.exe (Obrona Block Ads by RedSky Sp. z o.o) (5719b14c2281967ed81784aea913649e)

1 / 68 (PUP)

sasainstaller.exe (281fe7b4eb87804b16fbd05b0830e3c9)

1 / 68 (PUP)

bartvpn.exe (4366ba39d2900f0c6aceb9fe32d084fc)

1 / 68 (PUP)

obronablockads_3009-723f08d7.exe (edc2e431540c1941a35755235a6b6e17)

1 / 68 (PUP)

sasainstallerupdate.exe (54bb55d2f0b3710c9208ca721fa9073f)

1 / 68 (PUP)

obronablockads.exe (Obrona Block Ads by RedSky Sp. z o.o) (92afd5b2ae827c7814dcb925306734ba)

1 / 68 (PUP)

obronablockads.exe (Obrona Block Ads by RedSky Sp. z o.o) (cc66063e8e5d8bbbe6003a8f8efd3909)

1 / 68 (PUP)

obronablockadsupdate.exe (0bb9d20de0a4eff2037335b3a63cdf36)

1 / 68 (PUP)

obronablockads.exe (Obrona Block Ads by RedSky Sp. z o.o) (964875b8c211c19895abbc1c1293e74e)

2 / 68 (PUP)

obronablockads.exe (Obrona Block Ads by RedSky Sp. z o.o) (cb1f8017febdabc7d08ed21356ae772d)

1 / 68 (PUP)

bartvpn.exe (6608223c40c3a5a7d876cab6375c4046)

1 / 68 (PUP)

bartvpnservice.exe (d2d7fa2966d464ec5adbeb9363a2fe86)

1 / 68 (PUP)

ppgooglenaclpluginchrome.dll (c44d7395dd863daca3fe0be18a81db3a)

1 / 68 (PUP)

nacl64.exe (Diglo by Diglo) (5c0203bc6e418f090872cf5484d88db5)

1 / 68 (PUP)

metro_driver.dll (Chromium by The Chromium Authors) (43b5103c226f2dddbdf44dfdb57a33bc)

1 / 68 (PUP)

diglo.dll (Diglo by Diglo) (68f9e0b70609bfd51fd4acc2b1192d7e)

2 / 68 (PUP)

delegate_execute.exe (Chromium by The Chromium Authors) (4ce93aa9e571641a7c606269496bae7e)

12 / 68 (PUP)

sasaserviceupdate.exe (5c86c457c3d987060737ddb952bc8d3b)

1 / 68 (PUP)

blockads.htm (eb984d149d9332709109cedbbdc50216)

1 / 68 (PUP)

obronablockads.exe (b26b33fc633aece17834a1d5b5f66669)

2 / 68 (PUP)

obronablockads_row.exe (fa4b0eb6802c3c123658727e73315092)

1 / 68 (PUP)

bartvpn.exe (3f72dca3271628ca28abaada6901bd37)

6 / 68 (PUP)

cupoikinghelper.exe (3c3db8a7e97373c64a9f22f0f1a5b390)

1 / 68 (PUP)

cupoiking.exe (4e5ca1f6d7d8764ecc3c99cf8cc82cab)

Latest 30 of 102 files

Downloads URLs for files signed by Red Sky Sp. z o.o..

1 / 68 (PUP)

http://interia.hit.gemius.pl/hitredir/id=0stLay_GdLtDbdkbymp0ldU7jwzB44_kkcXH2eUJVFv.07/url=http://bartvpn.com/.../BartVPN.exe (3f72dca3271628ca28abaada6901bd37)

1 / 68 (PUP)

http://global-shared-files-l3.softonic.com/0ad/075/.../file?nvb=20141215142712&nva=20141216022812&token=03b9cc70e013ad61c8517&channel=WEB_SD&fdh=no&instance=sd_client_en&type=RECOFFER&filename=ObronaBlockAds.exe (061018d3622f667e3b3bf00094eeb29c)

1 / 68 (PUP)

http://software-files-a.cnet.com/s/software/13/82/47/.../BartVPN.exe (6608223c40c3a5a7d876cab6375c4046)

2 / 68 (PUP)

http://drzwu57ht9dxd.cloudfront.net/bundles/.../ObronaBlockAds_ROW.exe (fa4b0eb6802c3c123658727e73315092)

1 / 68 (PUP)

http://bartvpn.com/.../BartVPN.exe (3f72dca3271628ca28abaada6901bd37)

Distribution

The following websites host and distribute files published by Red Sky Sp. z o.o..

drzwu57ht9dxd.cloudfront.net

bartvpn.com

The certificates below are also signed by Red Sky Sp. z o.o..

4DBAF13DB20FFA03A277F56CD9E1FD (Mar 02, 2015 to Mar 02, 2016)

0F53C719AE5A2965DFE5741C71C3EB3C (Mar 04, 2013 to Mar 05, 2014)

0CC9BDBB8334FB4F1CF14EF9A50DA775 (Feb 24, 2012 to Feb 28, 2013)

The following publishers (by Authenticode signature organization name) are related.

Conduit Ltd.

Crawler, LLC

PC Backup Software Limited

1NSTALL (383 MEDIA, INC.)

Ma Lin

Weather Notifications LLC

Jenkat Media, Inc

* Note, the details and description above are based on the code signing digital signature issued to Red Sky Sp. z o.o. by COMODO CA Limited on March 28, 2014 with the serial number '00af74ae06e658887c8b6b42539f3fa758'.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.