home

Say Media Group LTD.

Publisher Information

Say Media Group LTD. is a software publisher located in Tel Aviv, Israel*. The company is a primary distributor of unwanted software. There is one additional code signing certificate issued to this publisher.
Authority:
VeriSign, Inc.

Valid from:
9/8/2014 2:00:00 AM

Valid to:
9/9/2015 1:59:59 AM

Subject:
CN=Say Media Group LTD., OU=BuzzType, O=Say Media Group LTD., L=Tel Aviv, S=Israel, C=IL

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
59dcafc95b51b91c18ac8a2f0c525887

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.SayMediaGroup (M), PUP.SayMediaGroup.P, PUP.SayMediaGroup.M, PUP.Service.SayMediaGroup.I, PUP.Installer.SayMediaGroup.F, PUP.SayMediaGroup.K, PUP.SayMediaGroup.H, PUP.SayMediaGroup.I, PUP.Installer.SayMediaGroup.R, PUP.SayMediaGroup.Installer (M), PUP.SayMedia (M), PUP (M)
100.00%

NANO AntiVirus
Riskware.Win32.Loadshop.dgvoaq, Riskware.Win32.WebProtect.dfppal
18.00%

IKARUS anti.virus
PUA.Loadshop, Win32.SuspectCrc
18.00%

ESET NOD32
Win32/Adware.PicColor.A application
18.00%

Malwarebytes
PUP.Optional.PicColor.A, PUP.Optional.SayMedia
16.00%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
16.00%

ESET NOD32
Win32/AdWare.Loadshop, Win32/Adware.PicColor (variant)
14.00%

K7 AntiVirus
Adware
10.00%

avast!
Win32:Adware-gen [Adw], Win32:Adware-CGS [Adw]
8.00%

AVG
Generic5, Adware Generic5.CDUK, Adware Generic5.CDUL
8.00%

1 / 68      (Adware)
piccolorinstall.exe (PicColor Utility by PicColor)  (c46e496b594b2807f7e468b91eb69d19)

1 / 68      (Adware)
b7ad.tmp (PicColor Utility by PicColor)  (8a7b54357ef52a85b6e5aa53aa8f4471)

1 / 68      (Adware)
PicColor.exe (PicColor Platform by PicColor)  (77daed3e12c683e2d8a9497a07a91ec8)

1 / 68      (Adware)
piccolorinstall.exe (PicColor Utility by Say Media Group)  (8b3cfd271e0ed66aafdb5e58815fb5bb)

1 / 68      (Adware)
PicColor.exe (PicColor Platform by PicColor)  (1e88e3ad999f9397de016258f2f1c51e)

1 / 68      (Adware)
rgsbtmedia64.exe (RgsBTMedia64.exe by Say Media Group)  (e19ba76b2dfb0e9d0607f660764fdd38)

1 / 68      (Adware)
rgsbtmedia.exe (RgsBTMedia.exe by Say Media Group)  (9e10ddb90a1141546ef0f39512cccd6a)

1 / 68      (Adware)
PicColor.exe (PicColor Platform by PicColor)  (b2f1442894eb4c4817a12258e36080c3)

1 / 68      (Adware)
PicColor.exe (PicColor Platform by PicColor)  (590068372db3f441e46088db2a757d03)

1 / 68      (Adware)
piccolorinstall.exe (PicColor Utility by PicColor)  (879f6a453e12bb44df82bd0e73c22f10)

1 / 68      (Adware)
PicColor.exe (PicColor Platform by PicColor)  (f9b957aa7fe8b0cf0a2dad5f861faf44)

1 / 68      (Adware)
colormedia.exe (ColorMedia.exe by Say Media Group)  (63eae1c30fee756a24f57dbaf3654f1c)

1 / 68      (Adware)
PicColor.exe (PicColor Platform by PicColor)  (c4163128cf778e0df713655dce5f764a)

1 / 68      (Adware)
cmwd.sys (Say Media Group LTD)  (8611f897b0c19cbca22f06c3ed0c3b8a)

1 / 68      (Adware)
colormediawfpinst.exe (ColorMediaWFPInst.exe by Say Media Group)  (26145c4315e6dcfb5736ab944807c3da)

1 / 68      (Adware)
CMWFP.sys (CMWFP.sys by Say Media Group)  (fed8faf179da911fdff333129349c11f)

1 / 68      (Adware)
CMWFP64.sys (CMWFP64.sys by Say Media Group)  (5d7a6975be866b2a56337599fa4beca2)

3 / 68      (Adware)
PicColor.exe (PicColor Platform by PicColor)  (2c0d5720f1dde32d9a0d9dbeb7fe2c96)

3 / 68      (Adware)
PicColor.exe (PicColor Platform by PicColor)  (86077c475948753041b0045aafafd766)

1 / 68      (Adware)
rgsbtmedia64.exe (RgsBTMedia64.exe by Say Media Group)  (396cc88341d1f87a36278752d90bdbb8)

1 / 68      (Adware)
rgsbtmedia.exe (RgsBTMedia.exe by Say Media Group)  (29abdadbdb085a9a8f596db8f131354e)

7 / 68      (Adware)
colormedia.dll (ColorMedia.dll by Say Media Group)  (8b2f27db9ac6be2234df3efe336a7311)

3 / 68      (Adware)
colormedia64.dll (ColorMedia64.dll by Say Media Group)  (a7499d9d161fa1f95799313ee9e722b9)

2 / 68      (Adware)
colormediawfpinst.exe (ColorMediaWFPInst.exe by Say Media Group)  (a2e6ab1a4e821bda6fe4fcc5e0cbb07e)

2 / 68      (Adware)
CMWFP.sys (CMWFP.sys by Say Media Group)  (5a8efa29bed9e2f97abcf94a1f616bb0)

2 / 68      (Adware)
CMWFP64.sys (CMWFP64.sys by Say Media Group)  (39cc9447b3b9dae8cc7bdd1d96f8b852)

2 / 68      (Adware)
colormediawfpinst.exe (ColorMediaWFPInst.exe by Say Media Group)  (af7e674ff2a359fd5a8b5e63533dded1)

2 / 68      (Adware)
CMWFP.sys (CMWFP.sys by Say Media Group)  (04e438b08fe88262742784ffc95ea681)

4 / 68      (Adware)
colormedia.dll (ColorMedia.dll by Say Media Group)  (c349f7db803ca9c31538c82e865a167a)

8 / 68      (Adware)
piccolorinstall.exe (PicColor Utility by PicColor)  (d830b86ce6c5a49ce0e00d4b1038e9d8)

 
Latest 30 of 72 files

The following certificate is also signed by Say Media Group LTD..

520ED0CCF225EA74F64DF6CB75FC0119  (May 22, 2014 to May 22, 2016)

The following publishers (by Authenticode signature organization name) are related.

Say Media Group Ltd.

* Note, the details and description above are based on the code signing digital signature issued to Say Media Group LTD. by VeriSign, Inc. on September 08, 2014 with the serial number '59dcafc95b51b91c18ac8a2f0c525887'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.