home

Tan Qilin

Publisher Information

Tan Qilin is a software developer located in 四川省, China*. The company is a primary distributor of unwanted software.
Authority:
WoSign CA Limited

Valid from:
5/28/2014 2:07:02 PM

Valid to:
5/28/2015 2:07:02 PM

Subject:
CN=Tan Qilin, E=1367024804@qq.com, L=资阳市, S=四川省, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
07069dfe674402da3b481d6e2ad40fde

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.TanQilin.j, PUP.TanQilin.Installer (M), PUP.TanQilin (M), PUP (M)
100.00%

Trend Micro House Call
Suspicious_GEN.F47V1212, Suspicious_GEN.F47V1213
4.00%

Baidu Antivirus
Adware.Win32.ZnPlayer
4.00%

AVG
Generic
4.00%

avast!
Win32:Malware-gen
2.00%

1 / 68      (Adware)
成人专用播放器_42_1688_.exe  (443e11566d8155ab8eefc3067406836c)

1 / 68      (Adware)
SetupTV.dll (SetupDll by Microsoft)  (72667e9dd491f12ca20c999b468156dd)

1 / 68      (Adware)
busuu.dll  (52cce6b3a450f1c9b9e57155f5e0ccc6)

1 / 68      (Adware)
my_tv.exe  (8cf938896c857e95c719967508d1a26d)

1 / 68      (Adware)
x64helper.exe  (46ab1c4c8808f65f8b763d4bf3305fad)

1 / 68      (Adware)
coolbarhelper64.dll  (958f0f1dd4692dd4ce0bf1627279a66c)

1 / 68      (Adware)
coolbarhelper.dll  (ea7ce11260cf5c6a34169bb25b2d29df)

1 / 68      (Adware)
vip通道播放器_5_2_.exe  (5cceea4caa36c56e62e11e965d06e389)

1 / 68      (Adware)
SetupTV.dll (SetupDll by Microsoft)  (7c86993cef8fa860664dd7e876158b2c)

1 / 68      (Adware)
Coolbar.exe  (d368206be437f60219a0dac2cc1752bf)

1 / 68      (Adware)
打开播放影片_80_1005_.exe  (eacfea09fc325172be0c98dab42fd46e)

1 / 68      (Adware)
busuu.dll  (25a446d0b7e81f3c20512d99c1594bc0)

1 / 68      (Adware)
Coolbar.exe  (e8a758f03db2da0a6b6fe86388dc43fc)

1 / 68      (Adware)
SetupDll.dll (SetupDll by Microsoft)  (423b1e74e16461dbddc4350366f765a7)

1 / 68      (Adware)
busuu.dll  (74c98c8d6dacf174d397272fc370935a)

1 / 68      (Adware)
vip私密播放器_7_1000_.exe  (488d1b11f61cdc0ffa467309ce1291b7)

1 / 68      (Adware)
SetupTV.dll (SetupDll by Microsoft)  (67d4ce57616ebec9823604ce702bdf4f)

1 / 68      (Adware)
Coolbar.exe  (fc06d7c5ce0ec5d546ecf49cfa8bb696)

1 / 68      (Adware)
高清电影播放器_137_1017_.exe  (1b3d31808b39121e4f0cf715d97b317e)

1 / 68      (Adware)
打开播放电影_80_1008_.exe  (de2017cf91c8c3557ebfac497419258b)

1 / 68      (Adware)
午夜播放器9277_132_8_.exe  (bf0111cdc42076d2e115cc4c00b6e556)

1 / 68      (Adware)
busuu.dll  (baa16867e6c36cfd55cc4dc051b85bc2)

1 / 68      (Adware)
SetupTV.dll (SetupDll by Microsoft)  (9c39f116a7493042d2931b6b9359241d)

1 / 68      (Adware)
my_tv.exe  (4c507e99419879e487f8f2387cfb3120)

1 / 68      (Adware)
avplayer_122_1011_.exe  (12a3cd92f04d0dffdf40996c5318b442)

1 / 68      (Adware)
x64helper.exe  (fd24dd74202c6f06e6b2d0727874deae)

1 / 68      (Adware)
coolbarhelper64.dll  (2b19c255930d80eb3b60a3797f01420a)

1 / 68      (Adware)
intelliapp.exe  (362b56d08b6f9ef421d20116fc71878f)

1 / 68      (Adware)
pplayer_40_12733_.exe  (7d32ed8d6008cdf9ea301b63cb8ec4ce)

1 / 68      (Adware)
日韩高清播放器_92_38553_.exe  (a6339ca1f3ea31aebc26641dbd8e84a5)

 
Latest 30 of 96 files

Downloads URLs for files signed by Tan Qilin.

1 / 68      (Adware)
http://xz.xaledao.com/down/.../??????_5_2_.exe  (db04529e9569e327dc52806a09fd6bcd)

1 / 68      (Adware)
http://zn.tybests.com/down/.../???????_42_1688_.exe  (443e11566d8155ab8eefc3067406836c)

1 / 68      (Adware)
http://zn.tybests.com/down/.../??????_80_1005_.exe  (eacfea09fc325172be0c98dab42fd46e)

1 / 68      (Adware)
http://zn.tybests.com/down/.../pplayer_40_12733_.exe  (7d32ed8d6008cdf9ea301b63cb8ec4ce)

1 / 68      (Adware)
http://zn.tybests.com/down/.../?QVOD???_6_8_.exe  (a1587d1a9610d12b4ae8f16e56cd5e69)

1 / 68      (Adware)
http://xz.xaledao.com/down/.../???????_5_8_.exe  (db04529e9569e327dc52806a09fd6bcd)

1 / 68      (Adware)
http://zn.tybests.com/down/.../???????_6_1_.exe  (a1587d1a9610d12b4ae8f16e56cd5e69)

1 / 68      (Adware)
http://wp.dtkykj.com/?unionid=121&unionsonid=1000&filename=??????????  (zhainanplayer_121_1000_.exe)

The following websites host and distribute files published by Tan Qilin.

xz.xaledao.com

wp.dtkykj.com

zn.tybests.com

* Note, the details and description above are based on the code signing digital signature issued to Tan Qilin by WoSign CA Limited on May 28, 2014 with the serial number '07069dfe674402da3b481d6e2ad40fde'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.