torangcommunications

Publisher Information

torangcommunications is a software publisher located in kangnam, Seoul in Korea*. The company is a primary distributor of unwanted software. Thre are 2 additional code signing certificates issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
4/19/2013 9:00:00 AM

Valid to:
5/20/2014 8:59:59 AM

Subject:
CN=torangcommunications, O=torangcommunications, L=kangnam, S=seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
09827727bdb71cf128b5aeb47ce2c8ea

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.torangcommunications.T, PUP.Startup.torangcommunications.O, PUP.torangcommunications.P, PUP.torangcommunications.K, PUP.torangcommunications (M), PUP.torangcommunications.Installer (M), PUP.torangco (M), PUP.torangco.Installer (M), PUP (M)
100.00%

Trend Micro House Call
ADW_KRADDARE, TROJ_GEN.F47V0106, TROJ_GEN.F47V1115, TROJ_GEN.F47V0417, TROJ_GEN.F47V0424, TROJ_GEN.F47V0513, Suspicious_GEN.F47V0610
25.00%

AhnLab V3 Security
PUP/Win32.WindViewer, PUP/Win32.Adware, Adware/Win32.BHO, PUP/Win32.Addendum, PUP/Win32.WindoSearch, PUP/Win32.WindoGuide
20.83%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
20.83%

McAfee
Artemis!5DCF84784F9A, Artemis!A14ACAC82FBE, Artemis!DEDDBA17B303, Artemis!94127B3B732E, Artemis!361504487151, Artemis!050A1C1F88F9
12.50%

McAfee Web Gateway
Artemis!5DCF84784F9A, Artemis!A14ACAC82FBE, Artemis!DEDDBA17B303, Artemis!361504487151
12.50%

VIPRE Antivirus
Trojan.Win32.Generic, Backdoor.Win32.Ircbot.gen, Trojan.Adclicker
12.50%

nProtect
Adware/W32.KrAdword.200264, Adware/W32.Agent.86088, Adware/W32.KrAdword.193096, Adware/W32.KrAdword.139848
10.42%

F-Prot
W32/Themida_Packed
10.42%

Trend Micro
ADW_KRADDARE
8.33%

1 / 68      (Adware)
windvo.dll  (391f1962b6e7a8a1454045da174d5da6)

1 / 68      (Adware)
windviewerdesk.exe  (7c70fc37c9dc45a76099c1b2c8062cec)

1 / 68      (Adware)
setup.exe  (7202fa54feabc9709d2436cf8e125d08)

1 / 68      (Adware)
setup.exe  (02d6dc68e2e59bca316b765b8637f64e)

1 / 68      (Adware)
setup_pid008_silent.exe  (e5912a3add7e6c6324e1a710807a6aff)

1 / 68      (Adware)
windvo.dll  (b10faf45325d3765e512f21f29c86360)

1 / 68      (Adware)
setup.exe  (9f130fc27584000473691fff10afadc6)

1 / 68      (Adware)
windvo.dll  (9805e355ec2c27c84f61039de12b3d45)

1 / 68      (Adware)
windvo_uninstall.exe  (2ea434e0c87a176a4324666b8ac59108)

1 / 68      (Adware)
windvo.dll  (fbec9b53b10d77186e110275a652e69e)

2 / 68      (Adware)
setup_pid008_silent.exe  (8549035a933a309b83a040d7f0315d38)

1 / 68      (Adware)
22630  (0d08735357371dd4648d8ee1f11b459b)

1 / 68      (Adware)
19108  (b74e844757a20eb5f57d39926a0dd3d7)

1 / 68      (Adware)
windvotmp_6127  (16c92d6c8718521c722fc0c63b2a49c4)

1 / 68      (Adware)
8213d0884ebe86c05fcbcd4f500c2264  (8213d0884ebe86c05fcbcd4f500c2264)

1 / 68      (Adware)
windvotmp_4867  (14db9a3bc58708f41a42986d17cbb5ab)

1 / 68      (Adware)
windvo.dll  (e0d1fcefc40bc3c362b7251b24e2dbf8)

1 / 68      (Adware)
setup_pid001_silent.exe  (5c61f2eb743f1338aa3d48a17a3642ef)

1 / 68      (Adware)
setup_up.exe  (7a8e5b9faae63227ffb417b1ea5b7f31)

1 / 68      (Adware)
windviewer.dll  (d2d58067832bf6dd213936cd5b0ef41f)

1 / 68      (Adware)
windopt.exe  (1de73b4701127d4665bcb5912a9ad30a)

1 / 68      (Adware)
windviewer.exe  (6d9fe714c885f6ee6e73eb580472716d)

1 / 68      (Adware)
windvo_uninstall.exe  (2d7f9be71ea9c03eec3f4387c61cb2ca)

1 / 68      (Adware)
windvo.dll  (9eb93a5212ec9bbd36f2fdca5b380189)

1 / 68      (Adware)
windvo_uninstall.exe  (7912c810d5a1c15183ba45e27b6df8ee)

1 / 68      (Adware)
windvo.dll  (76b4df95e5e1808a597f4593177da008)

1 / 68      (Adware)
windvo_uninstall.exe  (2c4cd218012095b3c779bd69fc5d50e5)

1 / 68      (Adware)
windvo.dll  (774a74bbf5318ee9350a98c7308546a9)

1 / 68      (Adware)
windvo.dll  (4a3141834873e713a21523233252cee3)

1 / 68      (Adware)
windvou.dll  (141cf7d777174139bc85136441a888df)

 
Latest 30 of 48 files

The certificates below are also signed by torangcommunications.

4B8FEA32F931A6055DD3A6FBD2EFA432  (Mar 13, 2012 to Apr 13, 2013)

52ACAB754DEC6C8A2B35197339CD05F8  (Mar 08, 2010 to Mar 08, 2012)

The following publishers (by Authenticode signature organization name) are related.

* Note, the details and description above are based on the code signing digital signature issued to torangcommunications by Thawte, Inc. on April 19, 2013 with the serial number '09827727bdb71cf128b5aeb47ce2c8ea'.