Shanghai Bo Yi Information Technology Co. Ltd.

Publisher Information

Shanghai Bo Yi Information Technology Co. Ltd. is a software publisher located in Shanghai, China*. There are 3 additional code signing certificates issued to this publisher.

Authority: Symantec Corporation

Valid from: 3/30/2015 8:00:00 AM

Valid to: 4/29/2018 7:59:59 AM

Subject: CN=Shanghai Bo Yi Information Technology Co. Ltd., O=Shanghai Bo Yi Information Technology Co. Ltd., L=Shanghai, S=Shanghai, C=CN

Issuer: CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number: 3c189ce4860d33ba864357f925b5d8f8

Status: Inconclusive detections from multiple engines

| Scan engine | Details | Detections |
| --- | --- | --- |
| Avira AntiVirus | TR/Crypt.XPACK.Gen3 | 71.43% |
| IKARUS anti.virus | Trojan.Crypt, Virus.Win32.Heur, PUA.NoobyProtect | 57.14% |
| AhnLab V3 Security | Trojan/Win32.Generic, Trojan/Win32.Generic.C237093, Virus/Win32.Detnat.N2080764231 | 42.86% |
| K7 AntiVirus | Trojan | 42.86% |
| ESET NOD32 | Win32/Packed.NoobyProtect.M suspicious (variant) | 42.86% |
| Sophos | Generic PUA FH (PUA), Generic PUA DB (PUA), Generic PUA PH (PUA) | 42.86% |
| Fortinet FortiGate | PossibleThreat | 42.86% |
| Qihoo 360 Security | HEUR/QVM19.1.Malware.Gen, Win32/Trojan.160 | 42.86% |
| AegisLab AV Signature | Troj.Crypt.Xpack!c, Troj.W32.Gen.lvTx | 42.86% |
| G Data | Win32.Trojan.Agent.NQ19QA, Gen:Trojan.Heur.0q!@JOPla!cb, Win32.Trojan.Agent.WCR3D1 | 42.86% |

0 / 68
sekeygensdk.dll (Safengine)  (efdb409fb6765f6e11d97ad28f2072c2)

0 / 68
cdclient.dll (CheatDefender by Safengine)  (ced77f7d0bf17c290ccc91f27c7d6bc2)

0 / 68
cdclient.dll (CheatDefender by Safengine)  (767fb855e32ba5be2d017c57647ffd4a)

0 / 68
cdclient.dll (CheatDefender by Safengine)  (db10e74a381055b4894c74ef7d98acfd)

0 / 68
取机器码.exe (Safengine)  (9ae70b1e04cb8521c13ce09cc409f642)

0 / 68
sekeygensdk.dll (Safengine)  (60bfc085a060fd02f05d7bb36350967a)

0 / 68
sekeygen.exe (Safengine)  (d592f61c28330811e30cf60480ea8df3)

9 / 68      (Malware)
gethwid.exe (Safengine)  (1a3548c67cfa8c5e05e3d0ee079e58fe)

8 / 68      (inconclusive)
cdclient.dll (CheatDefender by Safengine)  (d2d2ed9f0c850beac28309074ac230ec)

0 / 68
shielden.exe (Shielden by Safengine)  (373771cd76b64dcbe611c93b0b262fbd)

6 / 68      (inconclusive)
shielden.exe (Shielden by Safengine)  (e2cd3ca0a251c1721215811fe2446f1a)

0 / 68
sekeygen.exe (Safengine)  (8210b7b551ab27442415172755f8b863)

0 / 68
sekeygensdk.dll (Safengine)  (fd4803071cd930ff8a76da96a6c391d7)

0 / 68
sekeygen.exe (Safengine)  (dd90b7f51b75e1c76e7c9312c27e358b)

0 / 68
sekeygensdk.dll (Safengine)  (12a6506069e5ac3e40802f5b45e428e6)

0 / 68
sekeygen.exe (Safengine)  (68a511ecd7e7bef74c8e32ffb7f429a7)

0 / 68
sekeygensdk.dll (Safengine)  (66b2f131a92ad6cf08a6c29d7b145f70)

0 / 68
sekeygen.exe (Safengine)  (476e40165c6249da082d567ab83f937c)

0 / 68
cdclient.dll (CheatDefender by Safengine)  (dc225771f13fee3941046b419db0cbce)

11 / 68    (Malware)
hardware-id.exe (Safengine)  (daeeb2e96da08d73add91d058d83b0ce)

0 / 68
shielden.exe (Shielden by Safengine)  (400f56255f42c902b76fb96fea7bad85)

1 / 68
sekeygen.exe (Safengine)  (a28bdcfa1178b2bc63e38a4b3d4c0bd7)

0 / 68
sekeygensdk.dll (Safengine)  (73196e2290109b3b06e83279dc859539)

6 / 68      (false positives)
gethwid.exe (Safengine)  (25f727b17cf651b58f4ed73a418ea0db)

3 / 68
shielden.exe (Shielden by Safengine)  (56ec8fbde88ca29e15cebd3638f63835)

Download URLs for files signed by Shanghai Bo Yi Information Technology Co. Ltd.

9 / 68      (Malware)
http://www41.zippyshare.com/d/3JM2IBtK/.../GetHWID.exe  (1a3548c67cfa8c5e05e3d0ee079e58fe)


The following websites host and distribute files published by Shanghai Bo Yi Information Technology Co. Ltd.

The certificates below were also issued to Shanghai Bo Yi Information Technology Co. Ltd.

3BDC743ADE918E2EC09F3A9FDD929776  (Mar 15, 2012 to Mar 20, 2015)

747257F202E9C962C91B4EDA689D5DBB  (Feb 07, 2014 to Mar 20, 2015)

01FA8E38157B9CB8ED36AD5D4C976E6A  (Mar 20, 2011 to Mar 20, 2012)

The following publishers (by Authenticode signature organization name) are related.

* Note, the details and description above are based on the code signing digital signature issued to Shanghai Bo Yi Information Technology Co. Ltd. by Symantec Corporation on March 30, 2015 with the serial number '3c189ce4860d33ba864357f925b5d8f8'.