Shulan Hou

Publisher Information

Shulan Hou is a software publisher located in Beijing, China*. The company is a primary distributor of unwanted software. Thre are 45 additional code signing certificates issued to this publisher.
Authority:
thawte, Inc.

Valid from:
8/22/2016 2:00:00 AM

Valid to:
6/14/2017 1:59:59 AM

Subject:
CN=Shulan Hou, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
58d977998990941725a12a8e95e680e8

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.ELEX (M)
100.00%

1 / 68      (Adware)
wow_helper.exe  (b9886344bd869873d304835ab29ae687)

1 / 68      (Adware)
chrome.exe (Birdmay by Google)  (395432e33b22fa8cc44e2cfb868d6863)

1 / 68      (Adware)
chrome.exe (Bagbin by Google)  (e5f3cc87a32b8f40d728d22532fdac17)

1 / 68      (Adware)
chrome_child.dll (Birdmay by Google)  (d7661d20b1b30ea1160aaf4868953a4a)

1 / 68      (Adware)
chrome.exe (Birdmay by Google)  (57ccf7942b40f7bc244a1b17423c11e3)

1 / 68      (Adware)
chrome.exe (Bagbin by Google)  (e5f3cc87a32b8f40d728d22532fdac17)

1 / 68      (Adware)
chrome.exe (Bagbin by Google)  (e5f3cc87a32b8f40d728d22532fdac17)

1 / 68      (Adware)
chrome.exe (Bagbin by Google)  (e5f3cc87a32b8f40d728d22532fdac17)

1 / 68      (Adware)
chrome.exe (Bagbin by Google)  (e5f3cc87a32b8f40d728d22532fdac17)

1 / 68      (Adware)
chrome.exe (Bagbin by Google)  (e5f3cc87a32b8f40d728d22532fdac17)

1 / 68      (Adware)
chrome.exe (Birdmay by Google)  (fdfd910547c75c7ec220ffd0ee8be7af)

1 / 68      (Adware)
chrome.exe (Birdmay by Google)  (57ccf7942b40f7bc244a1b17423c11e3)

1 / 68      (Adware)
chrome.exe (Birdmay by Google)  (34475bc7a2fb319032b5797db5793bcb)

1 / 68      (Adware)
chrome.exe (Birdmay by Google)  (57ccf7942b40f7bc244a1b17423c11e3)

1 / 68      (Adware)
chrome_child.dll (Birdmay by Google)  (c6f6b2f3984a951ad9d80f7e0d7d7946)

1 / 68      (Adware)
chrome_child.dll (Birdmay by Google)  (2be7ea36f971da5a1c5ae633c59e0af7)

1 / 68      (Adware)
wow_helper.exe  (c632687ab71601811c4dbcc3c52d56c9)

1 / 68      (Adware)
chrome_watcher.dll (Birdmay by Google)  (7e320c1ef98ddb474c46e88946745e0a)

1 / 68      (Adware)
libEGL.dll (ANGLE libEGL Dynamic Link Library)  (e1f12a0c3cf9d086c637961cdf5f6ccc)

1 / 68      (Adware)
libGLESv2.dll (ANGLE libGLESv2 Dynamic Link Library)  (d507bc2cead0661d448d6ad7dfcf9bcf)

1 / 68      (Adware)
chrome_child.dll (Birdmay by Google)  (5899af7d8e4060334e670e0b90a30a3f)

1 / 68      (Adware)
chrome.dll (Birdmay by Google)  (ebb15915744b804a408493195ea10911)

1 / 68      (Adware)
chrome_elf.dll (Birdmay by Google)  (27377d07d777bb2154c507d329cb77d2)

1 / 68      (Adware)
chrome.exe (Birdmay by Google)  (57ccf7942b40f7bc244a1b17423c11e3)

1 / 68      (Adware)
wow_helper.exe  (5293f952f526fb7a3d79047d111c5531)

1 / 68      (Adware)
chrome_watcher.dll (Bagbin by Google)  (31834f47b07d19ab7c2fdc25d3c83e00)

1 / 68      (Adware)
libEGL.dll (ANGLE libEGL Dynamic Link Library)  (f96e73326c473941b60dc9cac38936aa)

1 / 68      (Adware)
libGLESv2.dll (ANGLE libGLESv2 Dynamic Link Library)  (b68d0eaff128e85597f513fa2db67dcf)

1 / 68      (Adware)
chrome_child.dll (Bagbin by Google)  (6d7ff079b0605efa58cd7f53ebef5ebf)

1 / 68      (Adware)
chrome.dll (Bagbin by Google)  (398eeeb3247dde310e66c70a93c4f5cd)

 
Latest 30 of 33 files

The certificates below are also signed by Shulan Hou.

18DB51E9C16B714FFCB04CB5C35983FA  (Oct 08, 2016 to Jun 14, 2017)

2A5B578B2DA9A441D2C1AECD265EEFBF  (Jul 25, 2016 to Jun 14, 2017)

77C4983B630ECB2C08FBC858271E3D45  (Jul 20, 2016 to Jun 14, 2017)

03254EAC08CFABB19414DAE3BD08D149  (Jul 18, 2016 to Jun 14, 2017)

2F1AD76761251F239B649AF9F2D2627C  (Aug 11, 2016 to Jun 14, 2017)

74702DFF5D4056B847D009A2265FB1B3  (Jul 28, 2016 to Jun 14, 2017)

21E3000980B30029C251639A0B0AF0FD  (Aug 25, 2016 to Jun 14, 2017)

3261BAE34D602AACC22105B22CB5F2E9  (Sep 12, 2016 to Jun 14, 2017)

1B471CD0973DAEB038ECC7D56538602F  (Aug 04, 2016 to Jun 14, 2017)

2FA5C2C495E0BB4E598CAC1C6E8316B5  (Aug 29, 2016 to Jun 14, 2017)

10 of 45 code signing certificates issued

The following publishers (by Authenticode signature organization name) are related.

* Note, the details and description above are based on the code signing digital signature issued to Shulan Hou by thawte, Inc. on August 22, 2016 with the serial number '58d977998990941725a12a8e95e680e8'.