home

Skytouch Technology Co., Limited

Publisher Information

Skytouch Technology Co., Limited is a software publisher located in Hong Kong*. The company is a primary distributor of unwanted software. Thre are 35 additional code signing certificates issued to this publisher.
Authority:
GlobalSign nv-sa

Valid from:
7/8/2013 10:29:59 AM

Valid to:
7/9/2014 10:29:59 AM

Subject:
CN="Skytouch Technology Co., Limited", O="Skytouch Technology Co., Limited", L=HongKong, S=HongKong, C=HK

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11216078022fa91c0eb61326e0e8fdbe9c30

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Service.SkytouchTechnologyCoLimited.H, PUP.SkytouchTechnologyCoLimited.I, PUP.SkytouchTechnologyCoLimited.R, PUP.SkytouchTechnologyCoLimited.N, PUP.ELEX.SkytouchTechnologyCo (M), PUP.ELEX.Skytouch (M), PUP.ELEX (M)
100.00%

McAfee
RDN/Generic PUP.x!bmc, RDN/Generic.dx!crf, Adware-Bprotect, Artemis!E2A0FAD868A5, RDN/Generic PUP.x!bf3, RDN/Downloader.a!og
22.00%

Trend Micro House Call
TROJ_SPNR.3CKH13, TROJ_GEN.R0CBB01JG13, TROJ_FRS.BMA000JA13, TROJ_GEN.F47V0805, ADW_STASER, TROJ_SPNR.0BJQ13, TROJ_GEN.R0CBH07JN13
22.00%

VIPRE Antivirus
Trojan.Win32.Generic, BProtector, Elex Installer
22.00%

Fortinet FortiGate
Riskware/PUP_x, W32/STASER.A!tr, W32/VMProtBad.A, W32/Dloadr.DSY!tr, W32/Staser.QAF!tr, W32/StartPage.CJAB!tr, W32/Staser.FV!tr
22.00%

Avira AntiVirus
TR/Wysotot.Gen, TR/Crypt.cfi.56, APPL/Elex.sld, SPR/Tool.ExqPage.H, Adware/ELEX.B
22.00%

Malwarebytes
PUP.Optional.Wsys.A, Trojan.Dropper, PUP.Optional.Elex.A, Trojan.Downloader
20.00%

Sophos
Elex, Mal/VMProtBad-A, Troj/Dloadr-DSY, Mal/Generic-S
20.00%

Trend Micro
TROJ_SPNR.3CKH13, TROJ_FRS.BMA000IR13, TROJ_FRS.BMA000JA13, ADW_STASER, TROJ_SPNR.0BJQ13, TROJ_SPNV.01JG13, TROJ_GEN.R0CBC0OJ213
20.00%

AVG
Generic35, Crypt_c, Win32/DH{AB41DCcofl0gIiUTF2Q}, Startpage.A, MalSign.Generic, Agent4
20.00%

1 / 68      (Adware)
milionerzy.exe (eDownload Module)  (fe699836b42fe266eb6c126ac415fe63)

1 / 68      (Adware)
winrar_32bit.exe (eDownload Module)  (7a70909a1a1a2d96b00b4a1408c4ad7a)

1 / 68      (Adware)
directx11fs18tag.exe (eDownload Module)  (680fba6e427e5b1e3eb714be6e566fe0)

1 / 68      (Adware)
ares_13-08-2811.exe (eDownload Module)  (f2ac31a407a300b8218f287975b27ddd)

1 / 68      (Adware)
youtv.exe (eDownload Module)  (97d73db35b18501632428278a6cb265f)

1 / 68      (Adware)
the_sims.exe (eDownload Module)  (3e330210528434543ca0b0011cd8b41f)

1 / 68      (Adware)
goplayer_13-08-2818.exe (eDownload Module)  (deb98e75f60a1bb22e2be9961c945db1)

1 / 68      (Adware)
q2lryev8.exe (eDownload Module)  (fc15492bfd79a572a4c9c44b850148b2)

1 / 68      (Adware)
epom_dosearches_2013114182510.exe  (e1f04f753dd68197f67d1c7e070e3a88)

1 / 68      (Adware)
goplayer.exe (eDownload Module)  (8a410123e0d6c13201021e42125563cc)

1 / 68      (Adware)
winrar_32bit.exe (eDownload Module)  (33221292c4cc65a441806348efddc486)

1 / 68      (Adware)
winrar_32bit_v8.4.5fs18tag.exe (eDownload Module)  (abfcf82e09fc75553fa7dd941075f195)

1 / 68      (Adware)
desk365_1.14.20.8091.exe (eDownload Module)  (935d6f81b6d0b906c39f629a7b21ee4a)

1 / 68      (Adware)
counter_strike(pobierz.pl).exe (eDownload Module)  (b9137a1a52103c41d3cbabb8966759de)

1 / 68      (Adware)
_eupdate_13.3.2.2700.exe  (51e9b4b130074758079617d58ba3e759)

1 / 68      (Adware)
onaylanmayan 587578.crdownload (eDownload Module)  (b666c78f1f689d823164d1de959c409a)

1 / 68      (Adware)
hdfilm_vfs18tag.exe (eDownload Module)  (d9239575005227c2070dbc99d863a5de)

1 / 68      (Adware)
hdfilmfs18tag.exe (eDownload Module)  (77acf3b979a30e33f573eb25a8d76670)

1 / 68      (Adware)
goplayer.exe (eDownload Module)  (a5b8a4be259f14870dd2283947099167)

1 / 68      (Adware)
r_1zgftt.exe (eDownload Module)  (3588ceaf446cc84e32aecdbb01b9ae89)

1 / 68      (Adware)
callofduty_1.fs18tag.exe (eDownload Module)  (7d8b733b5f4f163d4d4284c72010d8e6)

1 / 68      (Adware)
لم يتم تأكيده 838792.crdownload (eDownload Module)  (1b13bcf6773fe1eef4e5aa1131087d8e)

1 / 68      (Adware)
xcom.exe (eDownload Module)  (85909d12ce08e23f10ef8193af8089e9)

1 / 68      (Adware)
epom2_dosearches_2013114182521.exe  (7a9c1d8e5576a90de934849ff4d45e7a)

1 / 68      (Adware)
goplayer.exe (eDownload Module)  (9d963c89828065641ea4cc320fd4c22b)

1 / 68      (Adware)
u0f1z9rl.exe (eDownload Module)  (ec1a1c1d98fe65c4044b78c8b2898280)

1 / 68      (Adware)
eGdpSvc.exe (Wsys Control by Wsys Co.)  (9aa537b86a28baa3b2cbcb214240cbb1)

1 / 68      (Adware)
goplayer.exe (eDownload Module)  (d6b5ba23be7d0956a61196fef606956b)

1 / 68      (Adware)
vqkoqu7s.exe (eDownload Module)  (28b5ecdf674f4b4cefd821af8e7e8aad)

1 / 68      (Adware)
dprotect.exe (TODO: <Product name> by TODO: <Company name>)  (40ad368027f64b7db9232fb4d166e430)

 
Latest 30 of 51 files

Downloads URLs for files signed by Skytouch Technology Co., Limited.

1 / 68      (Adware)
http://dl.elex.soft365.com/.../generator?short=guanwang_34_739918b549c69f2153a819e4f7bfd8f0  (desk365_1.14.20.8091.exe)

1 / 68      (Adware)
http://d3d6wi7c7pa6m0.cloudfront.net/bundles/.../adks_ar_qone8_20131022.exe  (31db95190350a91470bca5127fec0e9a)

39 / 68    (Adware)
http://cdn.airdlr4.com/downloads/offers/.../air_ar_qone8h.exe  (b060fd4af709d75e99423cbdb05b33bf)

The following websites host and distribute files published by Skytouch Technology Co., Limited.

cdn.airdlr4.com

d3d6wi7c7pa6m0.cloudfront.net

The certificates below are also signed by Skytouch Technology Co., Limited.

11210C5FFE3CC0A399CEA5CA83FFC0772D2B  (Dec 31, 2015 to Jul 19, 2016)

11219261AFE8E45AD83D901FD68EAE39CE69  (Dec 24, 2015 to Jul 19, 2016)

112117933FAD21E4DA5C35DEEFF058F2EF4A  (Nov 10, 2015 to Jul 19, 2016)

11212C9A4FCD7971980A0F909560D5BE6710  (Nov 27, 2015 to Jul 19, 2016)

11218B3B24CD809C4CA8EEFB221E47ED883C  (Jan 28, 2016 to Jul 19, 2016)

1121B2CD5929AD4EBDCDE4576D862B440BC2  (Dec 17, 2015 to Jul 19, 2016)

1121D99EB534095C60E2A76088C0C6927518  (Nov 25, 2015 to Jul 19, 2016)

1121E965E4C4992F9D73057FEB78C4D49A6B  (Jan 15, 2016 to Jul 19, 2016)

11213125E84B50DBED5BD494DD7897E07CC5  (Mar 09, 2016 to Jul 19, 2016)

1121319255A74AAF79F67109B77C092E6107  (Jan 08, 2016 to Jul 19, 2016)

10 of 35 code signing certificates issued

The following publishers (by Authenticode signature organization name) are related.

Thinknice Co. Limited

Cherished Technology Limited

Beijing ELEX Technology Co.,Ltd

UNLIMITED DOWNLOADS LLC

Search Results, LLC

Innovative Apps

Banyan Tree Technology Limited

SweetIM Technologies Ltd

TUTO4PC COM INTERNATIONAL SL

SIEN S.A.

Weather Protector LLC

JDI BACKUP LIMITED

ReSoft LTD.

WunderWeb

Visual Tools

CLARALABSOFTWARE

KEYDOWNLOAD LTD

Perion Network Ltd.

Weather Warnings LLC

DealPly Technologies Ltd

Denco Limited

Weather Notifications LLC

Linksicle

Local Weather LLC

Linkular LLC

Amonetize ltd.

Spring Smart

Creative Island Media, LLC

Smart Apps

Savepath Deals

30 of 32 publishers

* Note, the details and description above are based on the code signing digital signature issued to Skytouch Technology Co., Limited by GlobalSign nv-sa on July 08, 2013 with the serial number '11216078022fa91c0eb61326e0e8fdbe9c30'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.