home

Shanghai Zhenrui Network Technology Studio

Publisher Information

Shanghai Zhenrui Network Technology Studio is a software publisher located in ShangHai, China*.
Authority:
VeriSign, Inc.

Valid from:
5/6/2013 8:00:00 AM

Valid to:
5/7/2014 7:59:59 AM

Subject:
CN=Shanghai Zhenrui Network Technology Studio, OU=IT, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Shanghai Zhenrui Network Technology Studio, L=ShangHai, S=ShangHai, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
40210eb4b5038cd40c7b282fa7c94440

Status:
Inconclusive detections from multiple engines

Scan engine
Details
Detections

Trend Micro House Call
TROJ_GEN.F47V0509, TROJ_GEN.F47V0425, TROJ_GEN.F47V0306, Suspicious_GEN.F47V0913, Suspicious_GEN.F47V0207
55.56%

IKARUS anti.virus
Win32.Malware, Trojan-Dropper.Small, AdWare.Downloader
44.44%

Dr.Web
Adware.Downware.2757, Adware.Softcnapp.4
44.44%

McAfee
Artemis!685658F57A4C, Artemis!50EB67C1A0C5
22.22%

avast!
Win32:Rootkit-gen [Rtk], Win32:Adware-gen [Adw]
22.22%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
11.11%

MicroWorld eScan
Gen:Variant.Graftor.51246
11.11%

Bitdefender
Gen:Variant.Graftor.51246
11.11%

Emsisoft Anti-Malware
Gen:Variant.Graftor.51246
11.11%

F-Secure
Gen:Variant.Graftor.51246
11.11%

0 / 68
update.exe (by BaoHuS NewWork)  (ff7a5d13e9a9997a6bcfc8e5d5025b20)

1 / 68      (inconclusive)
BaoHuS_Uninstall.exe (by BaoHuS NetWork)  (2da4023353acb6a6d5a0bc79bc5ae9cf)

0 / 68
BaoHuSHelper.exe (BaoHuSHelper by BaoHuS NewWork)  (5b72d398f4aac640d2002769a1a3cd7d)

1 / 68      (inconclusive)
shslock.dll (Shanghai Tuizhong Elock by Shanghai Tuizhong)  (e6d7134ec10704ad33b9221d2324ff08)

0 / 68
ShouHuSHelper.exe (ShouHuSHelper by Shanghai TuiZhong NewWork)  (d5575b393c53adf3ba1b64f40be2bad3)

1 / 68
ShouHuS.exe (by Shanghai Tuizhong NetWork)  (3d9510ab2cc1724168631690d72ae44c)

0 / 68
setup_t113.exe  (20188d9922634dd14b69d4dbf5a7cd3d)

0 / 68
setup_t024.exe  (32d29dbd6eb12d537adf5c15cc70818a)

0 / 68
setup_t081.exe  (3beb40b6024cc4c3a206e6c5ee023653)

0 / 68
setup_t212.exe  (74a7a0b3683fb86359844bdf59f2ebb7)

0 / 68
uninst.exe  (56657c87ac26eaec79710594f0c368d6)

0 / 68
uninst.exe  (05738de52084fa5474af03592710330c)

0 / 68
setup_t170.exe  (dbb19d5cea5b0aaf5e1c12dd4862d086)

1 / 68
uninst.exe  (3a4a3201e792d330b61a424744249914)

0 / 68
setup_t024.exe  (dce6f7bbaf2fa541811ed973f64a05a4)

0 / 68
setup_t230.exe  (2ce295ee6991e5d71b32dde4559ccd79)

0 / 68
bhslock32.sys (bhslock Network)  (9376385a4f736a82fba059f304866986)

0 / 68
bhslock.dll (bhslock NetWork)  (a75b3552fd7a41385cda24fb56f531f9)

0 / 68
uninst.exe  (96535948e05225f0c214bd0a35f5bacb)

0 / 68
statistics.dll (by www.haharili.com)  (9baee5c94701941b38388dd45150cf46)

0 / 68
service.dll (by www.haharili.com)  (f0dd82cf0e04abe5541ffb94658e7726)

0 / 68
Power.exe (by www.haharili.com)  (a05fa16be9d31b0557109bbb76572708)

0 / 68
hhrl.exe (by www.haharili.com)  (0abf8f74482be2fbed83664afc239f71)

0 / 68
setup_t162.exe  (b65acd637bb16e930ab258d5ed07554b)

0 / 68
clock64.exe (by www.haharili.com)  (0c94a744c517c787ccb34ec680ea490f)

0 / 68
clock64.dll (by www.haharili.com)  (367e741d82010453b64e9f8daad97320)

0 / 68
clock32.exe (by www.haharili.com)  (0fd7dbd35d2be2ab428e972cdef466f2)

0 / 68
clock32.dll (by www.haharili.com)  (1bab0a312cecb4ebfbc58f72cc9f7e7e)

2 / 68
setup_t024.exe  (6a3a83dfd6512ea40c424dc3a8a4f55f)

0 / 68
uninst.exe  (0ee4d4f0ad56ebd499121ca914898784)

 
Latest 30 of 57 files

Downloads URLs for files signed by Shanghai Zhenrui Network Technology Studio.

0 / 68
http://www.baidu.com/cb.php?c=IgF_pyfqnHRknHD1PjR0IZ0qnfK9ujYknWfYnjnY0Aw-5HDznjnvnWR0TAq15HRLnH0snfK15H0LPjKbnhNhmWRvrH0LPWD0uZfqnHn3rHT4PWRdr0KdThsqpZwYTjCEQvP8Thw8QhPEUiq_IM7j0ZFb5HT0mhYqn0KsTWYs0ZNGujYkPjT3nWck0AqGujYkrjDLnsKWpyfqn1fkrjT0ULI85HDLrj030APzm1YYn1Tzns  (setup_t024.exe)

0 / 68
http://www.baidu.com/cb.php?c=IgF_pyfqnHRknHD1PjR0IZ0qnfK9ujYknWfYnjnY0Aw-5HDznjnvnWR0TAq15HRLnH0snfK15HbsnyPWrAcsmvn4ujDsuHR0uZfqnHn4PW6LrHTdP0KdThsqpZwYTjCEQvP8Thw8QhPEUiq_IM7j0ZFb5Hm0mhYqn0KsTWYs0ZNGujYkPjT3nWck0AqGujYkrjDLnsKWpyfqn1fkrjT0ULI85HDLrj030APzm1Y1PWTL  (setup_t024.exe)

0 / 68
http://down.tututool.com/down.asp?id=162  (setup_t162.exe)

5 / 68      (Malware)
http://down.haharili.com/.../setup_t162.exe  (685658f57a4c1e3513b814bd52731d9c)

5 / 68      (Malware)
http://down.tututool.com/down4.asp?id=162  (setup_t002.exe)

5 / 68      (Malware)
http://down.tututool.com/down.asp?id=162  (setup_t002.exe)

5 / 68      (Malware)
http://cnrdn.com/tZbC  (setup_t002.exe)

The following websites host and distribute files published by Shanghai Zhenrui Network Technology Studio.

down.haharili.com

down.tututool.com

cnrdn.com

www.baidu.com

The following publishers (by Authenticode signature organization name) are related.

ZUNSHANG INFO TECH CO. LTD.

Beijing Sohu New Media Information Technology Co., Ltd.

Beijing baidu Netcom science and technology co.ltd

广西南宁市昇泰安电子商务发展有限公司

Baidu (China) Co., Ltd.

重庆话语科技有限公司

Shanghai Weilu Network Technology Co., Ltd.

Shanghai Gaoxin Computer System Co.,ltd

GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD.

Youbo Network Technology Co.,Ltd

Tencent Technology(Shenzhen) Company Limited

上海冰狗网络科技有限公司

Changzhou Zunshang Information Technology Co., Ltd

Yantai ZhengHao Network Technology Co.,Ltd.

Beijing Kingsoft Security software Co.,Ltd

Shanghai kuaiping Network Technology Co., Ltd

上海快屏网络科技有限公司

SHANGRAO WANGJU TIANXIA TECHNOLOGY CO.,LTD.

SHANGHAI FENGHAN NETWORK INFORMATION TECHNOLOGY STUDIO

易书海

Xi'an TingXue Network Technology co., Ltd.

BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.,LTD.

ZhongXiang ZhiXing Network Service Co., Ltd.

刘诗诗

Youqu Network Technology Co.Ltd

Sogou.com

上海瑞创网络科技股份有限公司

潘文帅

Chongqing QuWan Technology Co., Ltd.

Shanghai Yicen Network Technology Co., Ltd.

30 of 60 publishers

* Note, the details and description above are based on the code signing digital signature issued to Shanghai Zhenrui Network Technology Studio by VeriSign, Inc. on May 06, 2013 with the serial number '40210eb4b5038cd40c7b282fa7c94440'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.